Hello,

Thank you very much for your reply.
I have configured bind using the dlz backend and these are the results.

named log:

Mar 15 09:39:41 neptuno named[13166]: sizing zone task pool based on 6 zones
Mar 15 09:39:41 neptuno named[13166]: Loading 'AD DNS Zone' using driver dlopen
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: started for DN DC=pragma,DC=com,DC=co
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: starting configure
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: configured writeable zone 'waspruebas.proteccion.com.co'
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: configured writeable zone 'segdllo02.suranet.com'
Mar 15 09:39:42 neptuno named[13166]: zone dbmed04.pragma.com.co/NONE: has no NS records
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: Failed to configure zone 'dbmed04.pragma.com.co'
Mar 15 09:39:42 neptuno named[13166]: loading configuration: bad zone
Mar 15 09:39:42 neptuno named[13166]: exiting (due to fatal error)

named.conf:

options {
        listen-on port 53 { 127.0.0.1; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { localhost; };
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;

        tkey-gssapi-keytab "/usr/local/samba/private/dns.keytab";

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
include "/usr/local/samba/private/named.conf";

As you can see in the log, the zone dbmed04.pragma.com.co does not have ns records according to the database.

I've tried deleting it with

./samba-tool dns zonedelete neptuno.pragma.com.co dbmed04.pragma.com.co

ERROR(runtime): uncaught exception - (9717, 'WERR_DNS_ERROR_DS_UNAVAILABLE')
  File "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/dns.py", line 780, in run
    raise e

Best regards,
Santiago.

2017-03-14 17:21 GMT-05:00, Rowland Penny via samba <samba at lists.samba.org>:
> On Tue, 14 Mar 2017 17:01:24 -0500
> Santiago Londoño Mejía <santiago.londono at pragma.com.co> wrote:
>
>> Hello,
>>
>> Sorry for the few details.
>>
>> rsync:
>>
>> rsync -h -a -v /usr/local/samba/var/locks/sysvol/pragma.com.co/ root@server2:/usr/local/samba/var/locks/sysvol/pragma.com.co/
>
> OH dear, have a look here:
>
> https://wiki.samba.org/index.php/Rsync_based_SysVol_replication_workaround
>
>>
>> first dc smb.conf:
>> [global]
>>         tls verify peer = no_check
>>         ldap server require strong auth = no
>>         netbios name = NEPTUNO
>>         realm = PRAGMA.COM.CO
>>         server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
>>         workgroup = PRAGMA
>>         server role = active directory domain controller
>> #       interfaces = en160 en160:0 lo
>>         wins support = Yes
>>         name resolve order = wins lmhosts hosts bcast
>
> 'name resolve order' on something that is running (or should be) a DNS
> server ???
>
>
>> named.conf:
>
>> zone "pragma.com.co" {
>>         type master;
>>         file "dynamic/pragma.com.co";
>> };
>
> AHA, you are running Bind with the totally unsupported flatfiles, this
> does not work.
>
>>
>>
>>
>> include "/etc/named.rfc1912.zones";
>> include "/etc/named.root.key";
>> //include "/usr/local/samba/private/named.conf";
>
> Uncomment the above line, you need it.
>
> Can I suggest you read about DNS on the samba wiki:
>
> https://wiki.samba.org/index.php/Setting_up_a_BIND_DNS_Server
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>

--
Santiago Londoño Mejía
Infrastructure Analyst
t. (574) 605 25 23 ext. 1232
m. (57) 3148332567
Medellín | Carrera 50 C #10 Sur 80
Bogotá | Medellín | Cali
www.pragma.com.co

--
This message is confidential. It may contain privileged information belonging to PRAGMA S.A. and/or its clients, contractors, directors, employees and advisers, and therefore must not be used or disclosed by anyone other than its intended recipient. If you receive this message by error, mistake or omission, please delete it and notify the sender. Its retention, recording, use or disclosure for any purpose is prohibited. This message has been scanned by antivirus programs. Nevertheless, PRAGMA S.A. assumes no responsibility for any damage caused by the receipt and use of this material; it is the recipient's responsibility to verify by their own means the existence of viruses or other defects. The opinions, conclusions and other information contained in this e-mail that are not related to the official business of PRAGMA S.A. must be understood as personal and are in no way endorsed by the Company.

On Wed, 15 Mar 2017 10:03:59 -0500
Santiago Londoño Mejía <santiago.londono at pragma.com.co> wrote:

> Hello,
> Thank you very much for your reply.
> I have configured bind using the dlz backend and these are the
> results.
>
> named log:
>
> Mar 15 09:39:41 neptuno named[13166]: sizing zone task pool based on 6 zones
> Mar 15 09:39:41 neptuno named[13166]: Loading 'AD DNS Zone' using driver dlopen
> Mar 15 09:39:42 neptuno named[13166]: samba_dlz: started for DN DC=pragma,DC=com,DC=co
> Mar 15 09:39:42 neptuno named[13166]: samba_dlz: starting configure
> Mar 15 09:39:42 neptuno named[13166]: samba_dlz: configured writeable zone 'waspruebas.proteccion.com.co'
> Mar 15 09:39:42 neptuno named[13166]: samba_dlz: configured writeable zone 'segdllo02.suranet.com'
> Mar 15 09:39:42 neptuno named[13166]: zone dbmed04.pragma.com.co/NONE: has no NS records
> Mar 15 09:39:42 neptuno named[13166]: samba_dlz: Failed to configure zone 'dbmed04.pragma.com.co'
> Mar 15 09:39:42 neptuno named[13166]: loading configuration: bad zone
> Mar 15 09:39:42 neptuno named[13166]: exiting (due to fatal error)
>

You should only have the zone records for 'pragma.com.co' in AD and
Bind must be running on the DC.

I use Devuan and the Bind files are split into four files, these are
the files I have basically been using for the last 5 years without
problem:

cat /etc/bind/named.conf

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";

cat /etc/bind/named.conf.options

options {
        directory "/var/cache/bind";
        version "0.0.7";
        notify no;
        empty-zones-enable no;
        allow-query { 127.0.0.1; 192.168.0.0/24; };
        allow-recursion { 192.168.0.0/24; 127.0.0.1/32; };
        forwarders { 8.8.8.8; };
        allow-transfer { none; };
        dnssec-validation no;
        dnssec-enable no;

        listen-on-v6 { none; };
        listen-on port 53 { 192.168.0.2; 127.0.0.1; };
        tkey-gssapi-keytab "/usr/local/samba/private/dns.keytab";
};

cat /etc/bind/named.conf.local

include "/usr/local/samba/private/named.conf";

cat /etc/bind/named.conf.default-zones

// prime the server with knowledge of the root servers
zone "." {
        type hint;
        file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
        type master;
        file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
};

>
> As you can see in the log, the zone dbmed04.pragma.com.co does not
> have ns records according to the database.

Hang on a minute, you posted that this is the smb.conf on your DC:

realm = PRAGMA.COM.CO

Your realm must be the same as your DNS domain, so where does
'dbmed04.pragma.com.co' come from ??

Try the command like this:

samba-tool dns zonedelete neptuno.pragma.com.co waspruebas.proteccion.com.co -U Administrator

(just in case it has spilt over two lines, the above should be on one
line)

If that works, remove the other spurious domain and then try
'samba_upgradedns --dns-backend=BIND9_DLZ'

finally delete the last wrong zone 'dbmed04.pragma.com.co'

Rowland

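Added example, not part of the original thread or of Samba: a small Python audit of the named startup log that lists every zone samba_dlz pulled out of AD and flags the ones that do not belong to the domain's own DNS namespace, which is the check discussed in the message above. The function names are hypothetical, and the rule that only the AD domain, its _msdcs zone and reverse zones are expected is an assumption of this example.

```python
import re

# Log excerpt copied from the named log posted in this thread.
SAMPLE_LOG = """\
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: started for DN DC=pragma,DC=com,DC=co
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: configured writeable zone 'waspruebas.proteccion.com.co'
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: configured writeable zone 'segdllo02.suranet.com'
Mar 15 09:39:42 neptuno named[13166]: zone dbmed04.pragma.com.co/NONE: has no NS records
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: Failed to configure zone 'dbmed04.pragma.com.co'
Mar 15 09:39:42 neptuno named[13166]: exiting (due to fatal error)
"""

BASE_DN = re.compile(r"samba_dlz: started for DN (\S+)")
CONFIGURED = re.compile(r"samba_dlz: configured writeable zone '([^']+)'")
FAILED = re.compile(r"samba_dlz: Failed to configure zone '([^']+)'")
NO_NS = re.compile(r"zone (\S+)/\S+: has no NS records")


def dn_to_domain(dn):
    """Turn 'DC=pragma,DC=com,DC=co' into 'pragma.com.co'."""
    parts = [p.split("=", 1)[1] for p in dn.split(",") if p.upper().startswith("DC=")]
    return ".".join(parts).lower()


def is_expected(zone, domain):
    # Assumption of this example: AD domain, its _msdcs zone and reverse zones only.
    zone = zone.lower().rstrip(".")
    return zone in (domain, "_msdcs." + domain) or zone.endswith((".in-addr.arpa", ".ip6.arpa"))


def audit_named_log(log_text):
    """Collect the zones samba_dlz handled and flag those outside the AD domain."""
    report = {"domain": None, "configured": [], "failed": [], "no_ns": [], "unexpected": [], "fatal": False}
    for line in log_text.splitlines():
        if (m := BASE_DN.search(line)):
            report["domain"] = dn_to_domain(m.group(1))
        elif (m := CONFIGURED.search(line)):
            report["configured"].append(m.group(1))
        elif (m := FAILED.search(line)):
            report["failed"].append(m.group(1))
        elif (m := NO_NS.search(line)):
            report["no_ns"].append(m.group(1))
        elif "exiting (due to fatal error)" in line:
            report["fatal"] = True
    seen = dict.fromkeys(report["configured"] + report["failed"])  # de-duplicate, keep order
    domain = report["domain"] or ""
    report["unexpected"] = [z for z in seen if not is_expected(z, domain)]
    return report
```

Calling audit_named_log() on the excerpt reports all three zones from the log as unexpected for the domain pragma.com.co, with dbmed04.pragma.com.co also listed as the zone that failed for lack of NS records.
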
Hello,

Thank you for the answer.

I tried to remove the zone waspruebas.proteccion.com.co with the following result:

ERROR(runtime): uncaught exception - (9717, 'WERR_DNS_ERROR_DS_UNAVAILABLE')
  File "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/dns.py", line 780, in run
    raise e

Best regards.

2017-03-15 10:51 GMT-05:00, Rowland Penny via samba <samba at lists.samba.org>:
> On Wed, 15 Mar 2017 10:03:59 -0500
> Santiago Londoño Mejía <santiago.londono at pragma.com.co> wrote:
>
>> Hello,
>> Thank you very much for your reply.
>> I have configured bind using the dlz backend and these are the
>> results.
>>
>> named log:
>>
>> Mar 15 09:39:41 neptuno named[13166]: sizing zone task pool based on 6 zones
>> Mar 15 09:39:41 neptuno named[13166]: Loading 'AD DNS Zone' using driver dlopen
>> Mar 15 09:39:42 neptuno named[13166]: samba_dlz: started for DN DC=pragma,DC=com,DC=co
>> Mar 15 09:39:42 neptuno named[13166]: samba_dlz: starting configure
>> Mar 15 09:39:42 neptuno named[13166]: samba_dlz: configured writeable zone 'waspruebas.proteccion.com.co'
>> Mar 15 09:39:42 neptuno named[13166]: samba_dlz: configured writeable zone 'segdllo02.suranet.com'
>> Mar 15 09:39:42 neptuno named[13166]: zone dbmed04.pragma.com.co/NONE: has no NS records
>> Mar 15 09:39:42 neptuno named[13166]: samba_dlz: Failed to configure zone 'dbmed04.pragma.com.co'
>> Mar 15 09:39:42 neptuno named[13166]: loading configuration: bad zone
>> Mar 15 09:39:42 neptuno named[13166]: exiting (due to fatal error)
>>
>
> You should only have the zone records for 'pragma.com.co' in AD and
> Bind must be running on the DC.
>
> I use Devuan and the Bind files are split into four files, these are
> the files I have basically been using for the last 5 years without
> problem:
>
> cat /etc/bind/named.conf
>
> include "/etc/bind/named.conf.options";
> include "/etc/bind/named.conf.local";
> include "/etc/bind/named.conf.default-zones";
>
> cat /etc/bind/named.conf.options
>
> options {
>         directory "/var/cache/bind";
>         version "0.0.7";
>         notify no;
>         empty-zones-enable no;
>         allow-query { 127.0.0.1; 192.168.0.0/24; };
>         allow-recursion { 192.168.0.0/24; 127.0.0.1/32; };
>         forwarders { 8.8.8.8; };
>         allow-transfer { none; };
>         dnssec-validation no;
>         dnssec-enable no;
>
>         listen-on-v6 { none; };
>         listen-on port 53 { 192.168.0.2; 127.0.0.1; };
>         tkey-gssapi-keytab "/usr/local/samba/private/dns.keytab";
> };
>
> cat /etc/bind/named.conf.local
>
> include "/usr/local/samba/private/named.conf";
>
> cat /etc/bind/named.conf.default-zones
> // prime the server with knowledge of the root servers
> zone "." {
>         type hint;
>         file "/etc/bind/db.root";
> };
>
> // be authoritative for the localhost forward and reverse zones, and for
> // broadcast zones as per RFC 1912
>
> zone "localhost" {
>         type master;
>         file "/etc/bind/db.local";
> };
>
> zone "127.in-addr.arpa" {
>         type master;
>         file "/etc/bind/db.127";
> };
>
> zone "0.in-addr.arpa" {
>         type master;
>         file "/etc/bind/db.0";
> };
>
> zone "255.in-addr.arpa" {
>         type master;
>         file "/etc/bind/db.255";
> };
>
>>
>> As you can see in the log, the zone dbmed04.pragma.com.co does not
>> have ns records according to the database.
>
> Hang on a minute, you posted that this is the smb.conf on your DC:
>
> realm = PRAGMA.COM.CO
>
> Your realm must be the same as your DNS domain, so where does
> 'dbmed04.pragma.com.co' come from ??
>
> Try the command like this:
>
> samba-tool dns zonedelete neptuno.pragma.com.co waspruebas.proteccion.com.co -U Administrator
>
> (just in case it has spilt over two lines, the above should be on one
> line)
>
> If that works, remove the other spurious domain and then try
> 'samba_upgradedns --dns-backend=BIND9_DLZ'
>
> finally delete the last wrong zone 'dbmed04.pragma.com.co'
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>

--
Santiago Londoño Mejía
Infrastructure Analyst
t. (574) 605 25 23 ext. 1232
m. (57) 3148332567
Medellín | Carrera 50 C #10 Sur 80
Bogotá | Medellín | Cali
www.pragma.com.co