Carlos Jesus
2021-Sep-08 15:29 UTC
[Samba] samba AD-DC with bind9, dyn-dns complains that "No AD dhcp user exists"
They're here....
named.conf:
// Top-level named.conf as posted: it only pulls in other files.
// NOTE(review): named.conf.options is not in this list. Of the files shown
// in this message, the only options { } block is the one in named.conf.samba.
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
// File under the Samba install prefix; presumably what loads the samba_dlz
// module seen in the log -- its contents are not shown here.
include "/usr/local/samba/bind-dns/named.conf";
include "/etc/bind/named.conf.samba";
include "/etc/bind/named.conf.log";
named.conf.default-zones
// Locally served reverse zones for 127/8, 0/8 and 255/8, so lookups for
// these ranges are answered from local files and never forwarded upstream.
// Loopback reverse zone.
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
// "This network" (0.x.x.x) reverse zone.
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
// Broadcast (255.x.x.x) reverse zone.
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
named.conf.local
// Named address list: loopback plus the 192.168.1.0/24 LAN.
// NOTE(review): nothing in the files shown references this ACL; the
// allow-query / allow-recursion lists in named.conf.samba repeat the
// addresses instead (and use 127.0.0.1 rather than 127.0.0.0/8).
acl internals {
127.0.0.0/8;
192.168.1.0/24;
};
// Shared secret for the rndc control channel. Check that only root and the
// account named runs as can read this file.
include "/etc/bind/rndc.key";
// Control channel bound to loopback only, accepting localhost clients that
// present "rndc-key". This matches the "command channel listening on
// 127.0.0.1#953" line in the log.
controls {
inet 127.0.0.1 allow {localhost; } keys { "rndc-key"; };
};
named.conf.options:
// NOTE(review): as posted, these two directives are not wrapped in an
// options { } block, and this file is not included from named.conf, so they
// appear to have no effect. The same two settings are set inside
// named.conf.samba. The poster may have trimmed the file; confirm.
dnssec-validation auto;
directory "/var/cache/bind";
named.conf.log:
// Logging setup: a single file channel that every category below feeds,
// except lame-servers.
logging {
channel bind_log {
// Rotating log file: up to 3 old versions kept, rolled at 5 MB.
file "/var/log/bind/bind.log" versions 3 size 5m;
// Only messages at notice or above reach this channel.
// NOTE(review): named emits query log entries at severity info, so the
// "category queries" line below will not record queries through this
// channel unless the severity is lowered -- verify against the log.
severity notice;
print-category yes;
print-severity yes;
print-time yes;
};
category default { bind_log; };
// Dynamic update activity, and the approval/denial of update requests.
// These are the categories to read when a dynamic DNS update is refused.
category update { bind_log; };
category update-security { bind_log; };
// Approved and denied requests in general.
category security { bind_log; };
category queries { bind_log; };
// Lame-server messages are discarded.
category lame-servers { null; };
};
named.conf.samba
// Global server options followed by three static zones.
options {
auth-nxdomain yes;
directory "/var/cache/bind";
// Do not send NOTIFY messages when zones change.
notify no;
// Do not create the built-in empty zones.
empty-zones-enable no;
// Validate DNSSEC-signed answers using the default root trust anchor. The
// log shows the managed-keys zone being set up for this.
dnssec-validation auto;
// Keytab named uses for GSS-TSIG authenticated dynamic updates.
// It holds Kerberos key material: check that only the account named runs as
// can read it.
tkey-gssapi-keytab "/usr/local/samba/bind-dns/dns.keytab";
minimal-responses yes;
// Queries and recursion are limited to loopback and the LAN, so the server
// does not act as an open resolver for other networks.
allow-query {
127.0.0.1;
192.168.1.0/24;
};
allow-recursion {
127.0.0.1;
192.168.1.0/24;
};
// Names not answered from local zones are forwarded to these public
// resolvers.
forwarders {
8.8.8.8;
8.8.4.4;
};
// Zone transfers are refused for every client.
allow-transfer {
none;
};
};
// Root hints. The relative file names below presumably resolve under the
// "directory" set above -- confirm the files exist there.
zone "." {
type hint;
file "named.root";
};
zone "localhost" {
type master;
file "master/localhost.zone";
};
zone "0.0.127.in-addr.arpa" {
type master;
file "master/0.0.127.zone";
};
Rowland Penny via samba <samba at lists.samba.org> escreveu no dia quarta,
8/09/2021 à(s) 15:29:
> On Wed, 2021-09-08 at 15:22 +0100, Carlos Jesus wrote:
> > Hello again Rowland,
> > unfortunately, the problem seems to have escalated
> >
> > Sep 08 14:04:21 EhSecondary named[3299]: samba_dlz: started for DN
> > DC=SAMDOM,DC=local
> > Sep 08 14:04:21 EhSecondary named[3299]: samba_dlz: starting
> > configure
> > Sep 08 14:04:21 EhSecondary named[3299]: samba_dlz: configured
> > writeable zone 'SAMDOM.local'
> > Sep 08 14:04:21 EhSecondary named[3299]: samba_dlz: configured
> > writeable zone '1.168.192.in-addr.arpa'
> > Sep 08 14:04:21 EhSecondary named[3299]: none:106: 'max-cache-size
> > 90%' - setting to 1795MB (out of 1994MB)
> > Sep 08 14:04:21 EhSecondary named[3299]: obtaining root key for view
> > _default from '/etc/bind/bind.keys'
> > Sep 08 14:04:21 EhSecondary named[3299]: set up managed keys zone for
> > view _default, file 'managed-keys.bind'
> > Sep 08 14:04:21 EhSecondary named[3299]: none:106: 'max-cache-size
> > 90%' - setting to 1795MB (out of 1994MB)
> > Sep 08 14:04:21 EhSecondary named[3299]: command channel listening on
> > 127.0.0.1#953
> > Sep 08 14:04:21 EhSecondary systemd[1]: Started BIND Domain Name
> > Server.
> >
>
> Please post your named.conf files.
>
> Rowland
>
>
>
Rowland Penny
2021-Sep-08 15:59 UTC
[Samba] samba AD-DC with bind9, dyn-dns complains that "No AD dhcp user exists"
On Wed, 2021-09-08 at 16:29 +0100, Carlos Jesus wrote:
> They're here....

OK, try these, based on my working (for the last 9 years) files, with data from yours:

/etc/bind/named.conf

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";

/etc/bind/named.conf.options

acl internals {
    127.0.0.0/8;
    192.168.1.0/24;
};

options {
    directory "/var/cache/bind";
    auth-nxdomain yes;
    notify no;
    empty-zones-enable no;
    allow-query { acl internals; };
    allow-recursion { acl internals; };
    listen-on-v6 { none; };
    forwarders {
        8.8.8.8;
        8.8.4.4;
    };
    // NOTE(review): the next line turns DNSSEC validation off, whereas the
    // configuration posted earlier in the thread had "dnssec-validation auto";
    // confirm that is intended. dnssec-enable is obsolete in newer BIND
    // releases -- run named-checkconf against your version.
    dnssec-enable no;
    dnssec-validation no;
    tkey-gssapi-keytab "/usr/local/samba/bind-dns/dns.keytab";
    minimal-responses yes;
    // NOTE(review): "allow-transfer { none; };" from the earlier
    // named.conf.samba is not carried over here; re-add it if zone transfers
    // should stay refused.
};

logging {
    channel bind_log {
        file "/var/log/bind/bind.log" versions 3 size 5m;
        severity notice;
        print-category yes;
        print-severity yes;
        print-time yes;
    };
    category default { bind_log; };
    category update { bind_log; };
    category update-security { bind_log; };
    category security { bind_log; };
    category queries { bind_log; };
    category lame-servers { null; };
};

/etc/bind/named.conf.local

include "/usr/local/samba/bind-dns/named.conf";

/etc/bind/named.conf.default-zones

// prime the server with knowledge of the root servers
zone "." {
    type hint;
    file "/usr/share/dns/root.hints";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
    type master;
    file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
    type master;
    file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
    type master;
    file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
    type master;
    file "/etc/bind/db.255";
};

Rowland