Fwd: Error start bind9 samba4 BIND9_DLZ
Jacó Ramos
j4c0r4m0s at gmail.com
Tue Sep 24 17:04:16 CEST 2013
No,
I run for resolves:
samba_updatedns --dns-backend=BIND9_DLZ, but not run .
255 root at samba /usr/local/samba/private/dns # samba_upgradedns
--dns-backend=BIND9_DLZ
Reading domain information
Cannot create AD based DNS for OS level < 2003
1 root at samba /usr/local/samba/private/dns #
Grato.
Jacó Ramos
2013/9/24 Taylor, Jonn <jonnt at taylortelephone.com>
> On 09/24/2013 09:58 AM, Jacó Ramos wrote:
>
>> Bind9 is finding sam.ldb in /usr/local/samba/private/dns but file is in
>> /usr/local/samba/private.
>>
>> Grato.
>> Jacó Ramos
>>
>>
>>
>>
>> 2013/9/24 Taylor, Jonn <jonnt at taylortelephone.com <mailto:
>> jonnt at taylortelephone.**com <jonnt at taylortelephone.com>>>
>>
>>
>> On 09/24/2013 09:11 AM, Daniele Dario wrote:
>>
>> On Tue, 2013-09-24 at 08:10 -0300, Jacó Ramos wrote:
>>
>> When run :
>>
>>
>> samba-upgradedns --dns-backend=BIND9_DLZ
>> Cannot create AD based DNS for OS Level < 2003
>> and now ?
>>
>> Grato.
>>
>> Jacó Ramos
>> 2013/9/24 Rowland Penny <repenny241155 at gmail.com
>> <mailto:repenny241155 at gmail.**com <repenny241155 at gmail.com>>>
>>
>> On 24/09/13 11:38, Jacó Ramos wrote:
>> Hi Dario,
>> cp
>> /usr/local/samba/private/sam.**ldb
>> /usr/local/samba/private/dns
>> cp /usr/local/samba/private/sam.**ldb.d
>> /usr/local/samba/private/dns
>> and
>> chmod 777
>> /usr/local/samba/private/dns/*
>> and dns works fine!
>> Grato.
>> Jacó Ramos
>> Hi, sorry but
>> you have got it wrong, it needs to be hard
>> linked, see here:
>> https://wiki.samba.org/index.**php/Samba4/HOWTO/Join_a_**
>> domain_as_a_DC<https://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC>
>> and here:
>> https://wiki.samba.org/index.**php/Dns-backend_bind#New_**
>> added_DNS_entries_are_not_**resolvable<https://wiki.samba.org/index.php/Dns-backend_bind#New_added_DNS_entries_are_not_resolvable>
>> Rowland
>>
>> Hi Jacó,
>> could it be that your domain/forest level is < 2003?
>>
>> try to run
>> # samba-tool domain level show
>> to see the domain/forest levels.
>>
>> Did you provision the domain on samba AD DC or did you join it
>> to an
>> existing domain?
>>
>> BTW as Rowland said the private/dns content has to be hard
>> linked and
>> not a simple copy. Samba updates it's private/sam.ldb and
>> private/sam.ldb.d/* files. Files on private/dns won't be
>> updated that's
>> why they have to be links to the original ones.
>>
>> A side note about permissions: it would be safer to restrict
>> permissions
>> to bind/named so as stated in the wiki you can
>>
>> # chown named:named /usr/local/samba/private/dns
>> # chgrp named /usr/local/samba/private/dns.**keytab
>> # chmod g+r /usr/local/samba/private/dns.**keytab
>> # chmod 775 /usr/local/samba/private/dns
>>
>> Daniele.
>>
>>
>> If your domain level is 2003 you will not be able to join samba4
>> with bind backend. There is a bug open for this. It duplicates
>> your dns zone and bind will not start.
>>
>> https://bugzilla.samba.org/**show_bug.cgi?id=9210<https://bugzilla.samba.org/show_bug.cgi?id=9210>
>>
>> Jonn
>>
>>
>>
>>
>> --
>>
>> /"O homem não foi criado para ser feliz nem para vencer, mas para viver
>> para Deus. Quando vive para Deus é feliz e vence." Isaltino Gomes
>> /
>> *
>> $whoami*
>>
>> * Perito Forense Computacional
>> * Pentester
>> * Esp. em Segurança de Redes de Computadores com enfâse a Perícia
>> Forense Computacional - FACID
>> * Bacharel em Ciência da Computação - UESPI
>> * Administrador de Redes de Computadores
>> * CCNA Modulo II
>> * Lattes: /http://lattes.cnpq.br/**1591329268136905/<http://lattes.cnpq.br/1591329268136905/>
>>
>>
>>
>> Esta mensagem pode conter informações confidenciais e/ou privilegiadas.
>> Se você não for o destinatário ou a pessoa autorizada a receber esta
>> mensagem, não deve usar, copiar ou divulgar as informações nela contida ou
>> tomar qualquer ação baseada nessas informações.
>>
> Did you create the links as per the wiki?
>
> Jonn
>
>
--
*"O homem não foi criado para ser feliz nem para vencer, mas para viver
para Deus. Quando vive para Deus é feliz e vence." Isaltino Gomes
*
*
$whoami*
- Perito Forense Computacional
- Pentester
- Esp. em Segurança de Redes de Computadores com enfâse a Perícia
Forense Computacional - FACID
- Bacharel em Ciência da Computação - UESPI
- Administrador de Redes de Computadores
- CCNA Modulo II
- Lattes: *http://lattes.cnpq.br/1591329268136905*
Esta mensagem pode conter informações confidenciais e/ou privilegiadas. Se
você não for o destinatário ou a pessoa autorizada a receber esta mensagem,
não deve usar, copiar ou divulgar as informações nela contida ou tomar
qualquer ação baseada nessas informações.
More information about the samba-technical
mailing list