This is all the diagnostic information I can think of at the moment:
[root at smb4-1 ~ (master)]# klist
Credentials cache: FILE:/tmp/krb5cc_0
Principal: administrator at BROCKLEY.HARTE-LYNE.CA
Issued Expires Principal
Jul 2 10:35:11 2020 Jul 2 20:35:11 2020
krbtgt/BROCKLEY.HARTE-LYNE.CA at BROCKLEY.HARTE-LYNE.CA
[root at smb4-1 ~ (master)]# grep nsup /usr/local/etc/smb4.conf
dns update command = /usr/local/bin/nsupdate
nsupdate command = /usr/local/bin/nsupdate -v -L4 -D
[root at smb4-1 ~ (master)]# samba-tool dns query localhost
brockley.harte-lyne.ca
brockley.harte-lyne.ca ALL -U administrator
Password for [BROCKLEY\administrator]:
Name=, Records=3, Children=0
SOA: serial=1, refresh=900, retry=600, expire=86400, minttl=3600,
ns=smb4-1.brockley.harte-lyne.ca., email=hostmaster.brockley.harte-lyne.ca.
(flags=600000f0, serial=1, ttl=3600)
NS: smb4-1.brockley.harte-lyne.ca. (flags=600000f0, serial=1, ttl=900)
A: 192.168.18.161 (flags=600000f0, serial=1, ttl=900)
Name=_msdcs, Records=0, Children=0
Name=_sites, Records=0, Children=1
Name=_tcp, Records=0, Children=4
Name=_udp, Records=0, Children=2
Name=DomainDnsZones, Records=0, Children=2
Name=ForestDnsZones, Records=0, Children=2
Name=smb4-1, Records=1, Children=0
A: 192.168.18.161 (flags=f0, serial=1, ttl=900)
[root at smb4-1 ~ (master)]# samba_dnsupdate --verbose -d8 --all-names
. . .
update(nsupdate): SRV
_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.brockley.harte-lyne.ca
SMB4-1.brockley.harte-lyne.ca 389
Calling nsupdate for SRV
_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.brockley.harte-lyne.ca
SMB4-1.brockley.harte-lyne.ca 389 (add)
Starting GENSEC mechanism gssapi_krb5_sasl
GSSAPI credentials for SMB4-1$@BROCKLEY.HARTE-LYNE.CA will expire in 35998 secs
Successfully obtained Kerberos ticket to DNS/SMB4-1.brockley.harte-lyne.ca as
SMB4-1$
setup_system()
02-Jul-2020 14:36:09.221 dns_requestmgr_create
02-Jul-2020 14:36:09.222 dns_requestmgr_create: 0x800f726b0
reset_system()
user_interaction()
do_next_command()
do_next_command()
evaluate_update()
update_addordelete()
do_next_command()
show_message()
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.brockley.harte-lyne.ca.
900 IN SRV 0 100 389 SMB4-1.brockley.harte-lyne.ca.
do_next_command()
start_update()
02-Jul-2020 14:36:09.223 dns_request_createvia
02-Jul-2020 14:36:09.226 request_render
02-Jul-2020 14:36:09.226 requestmgr_attach: 0x800f726b0: eref 1 iref 1
02-Jul-2020 14:36:09.226 mgr_gethash
02-Jul-2020 14:36:09.226 req_send: request 0x800f86540
02-Jul-2020 14:36:09.226 dns_request_createvia: request 0x800f86540
02-Jul-2020 14:36:09.226 req_senddone: request 0x800f86540
02-Jul-2020 14:36:09.226 req_response: request 0x800f86540: success
02-Jul-2020 14:36:09.227 req_cancel: request 0x800f86540
02-Jul-2020 14:36:09.227 req_sendevent: request 0x800f86540
recvsoa()
About to create rcvmsg
02-Jul-2020 14:36:09.227 dns_request_getresponse: request 0x800f86540
show_message()
Reply from SOA query:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41271
;; flags: qr aa ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.brockley.harte-lyne.ca.
IN SOA
;; AUTHORITY SECTION:
brockley.harte-lyne.ca. 3600 IN SOA SMB4-1.brockley.harte-lyne.ca.
hostmaster.brockley.harte-lyne.ca. 1 900 600 86400 3600
Found zone name: brockley.harte-lyne.ca
The master is: SMB4-1.brockley.harte-lyne.ca
send_update()
Sending update to 192.168.18.161#53
02-Jul-2020 14:36:09.227 dns_request_createvia
02-Jul-2020 14:36:09.227 request_render
02-Jul-2020 14:36:09.227 requestmgr_attach: 0x800f726b0: eref 1 iref 2
02-Jul-2020 14:36:09.227 mgr_gethash
02-Jul-2020 14:36:09.227 dns_request_createvia: request 0x800f866c0
show_message()
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 15453
;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 0
;; UPDATE SECTION:
_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.brockley.harte-lyne.ca.
900 IN SRV 0 100 389 SMB4-1.brockley.harte-lyne.ca.
02-Jul-2020 14:36:09.227 dns_request_destroy: request 0x800f86540
02-Jul-2020 14:36:09.227 req_destroy: request 0x800f86540
02-Jul-2020 14:36:09.227 requestmgr_detach: 0x800f726b0: eref 1 iref 1
Out of recvsoa
02-Jul-2020 14:36:09.227 req_connected: request 0x800f866c0
02-Jul-2020 14:36:09.228 req_send: request 0x800f866c0
02-Jul-2020 14:36:09.228 req_senddone: request 0x800f866c0
02-Jul-2020 14:36:09.228 req_response: request 0x800f866c0: success
02-Jul-2020 14:36:09.228 req_cancel: request 0x800f866c0
02-Jul-2020 14:36:09.228 req_sendevent: request 0x800f866c0
update_completed()
02-Jul-2020 14:36:09.228 dns_request_getresponse: request 0x800f866c0
show_message()
Reply from update query:
;; ->>HEADER<<- opcode: UPDATE, status: REFUSED, id: 15453
;; flags: qr; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 0
;; ZONE SECTION:
;brockley.harte-lyne.ca. IN SOA
;; UPDATE SECTION:
_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.brockley.harte-lyne.ca.
900 IN SRV 0 100 389 SMB4-1.brockley.harte-lyne.ca.
02-Jul-2020 14:36:09.228 dns_request_destroy: request 0x800f866c0
02-Jul-2020 14:36:09.228 req_destroy: request 0x800f866c0
02-Jul-2020 14:36:09.228 requestmgr_detach: 0x800f726b0: eref 1 iref 0
done_update()
reset_system()
user_interaction()
cleanup()
Shutting down task manager
shutdown_program()
Shutting down request manager
02-Jul-2020 14:36:09.228 dns_requestmgr_shutdown: 0x800f726b0
02-Jul-2020 14:36:09.228 send_shutdown_events: 0x800f726b0
Destroy DST lib
Destroying request manager
02-Jul-2020 14:36:09.228 dns_requestmgr_detach: 0x800f726b0: eref 0 iref 0
02-Jul-2020 14:36:09.228 mgr_destroy
Freeing the dispatchers
Shutting down dispatch manager
Destroying event
Shutting down socket manager
Shutting down timer manager
Removing log context
Destroying memory context
Failed nsupdate: 2
. . .
--
*** e-Mail is NOT a SECURE channel ***
Do NOT transmit sensitive data via e-Mail
Do NOT open attachments nor follow links sent by e-Mail
James B. Byrne mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3