Rowland Penny
2021-Sep-08 15:59 UTC
[Samba] samba AD-DC with bind9, dyn-dns complains that "No AD dhcp user exists"
On Wed, 2021-09-08 at 16:29 +0100, Carlos Jesus wrote:
> They're here....

OK, try these, based on my working (for the last 9 years) files, with
data from yours:

/etc/bind/named.conf

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";

/etc/bind/named.conf.options

acl internals {
    127.0.0.0/8;
    192.168.1.0/24;
};

options {
    directory "/var/cache/bind";
    auth-nxdomain yes;
    notify no;
    empty-zones-enable no;
    allow-query { acl internals; };
    allow-recursion { acl internals; };
    listen-on-v6 { none; };
    forwarders {
        8.8.8.8;
        8.8.4.4;
    };
    dnssec-enable no;
    dnssec-validation no;
    tkey-gssapi-keytab "/usr/local/samba/bind-dns/dns.keytab";
    minimal-responses yes;
};

logging {
    channel bind_log {
        file "/var/log/bind/bind.log" versions 3 size 5m;
        severity notice;
        print-category yes;
        print-severity yes;
        print-time yes;
    };
    category default { bind_log; };
    category update { bind_log; };
    category update-security { bind_log; };
    category security { bind_log; };
    category queries { bind_log; };
    category lame-servers { null; };
};

/etc/bind/named.conf.local

include "/usr/local/samba/bind-dns/named.conf";

/etc/bind/named.conf.default-zones

// prime the server with knowledge of the root servers
zone "." {
    type hint;
    file "/usr/share/dns/root.hints";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
    type master;
    file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
    type master;
    file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
    type master;
    file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
    type master;
    file "/etc/bind/db.255";
};

Rowland
Carlos Jesus
2021-Sep-09 00:30 UTC
[Samba] samba AD-DC with bind9, dyn-dns complains that "No AD dhcp user exists"
Hey Rowland, thanks for the files. I've been "on the road" and only
now (1:25AM) could do some tests.
I think that when you say allow-query { acl internals; }; and
allow-recursion { acl internals; }; you actually mean allow-query
{ internals; }; and allow-recursion { internals; }; referring to the
"acl internals" previously created? Well, after that modification, the
files worked and everything is now cleaner.
It's still throwing errors, but I have a few theories about the keytab but
I'll try again tomorrow. Well, later on today anyway...
I'll probably ask for more help, but thanks again.
best regards
CJ
Rowland Penny <rpenny at samba.org> wrote on Wednesday, 8/09/2021 at
16:59:
> On Wed, 2021-09-08 at 16:29 +0100, Carlos Jesus wrote:
> > They're here....
>
> OK, try these, based on my working (for the last 9 years) files, with
> data from yours:
>
> /etc/bind/named.conf
>
> include "/etc/bind/named.conf.options";
> include "/etc/bind/named.conf.local";
> include "/etc/bind/named.conf.default-zones";
>
> /etc/bind/named.conf.options
>
> acl internals {
> 127.0.0.0/8;
> 192.168.1.0/24;
> };
>
> options {
> directory "/var/cache/bind";
> auth-nxdomain yes;
> notify no;
> empty-zones-enable no;
> allow-query { acl internals; };
> allow-recursion { acl internals; };
> listen-on-v6 { none; };
> forwarders {
> 8.8.8.8;
> 8.8.4.4;
> };
> dnssec-enable no;
> dnssec-validation no;
> tkey-gssapi-keytab "/usr/local/samba/bind-dns/dns.keytab";
> minimal-responses yes;
> };
>
> logging {
> channel bind_log {
> file "/var/log/bind/bind.log" versions 3 size 5m;
> severity notice;
> print-category yes;
> print-severity yes;
> print-time yes;
> };
> category default { bind_log; };
> category update { bind_log; };
> category update-security { bind_log; };
> category security { bind_log; };
> category queries { bind_log; };
> category lame-servers { null; };
> };
>
> /etc/bind/named.conf.local
> include "/usr/local/samba/bind-dns/named.conf";
>
> /etc/bind/named.conf.default-zones
>
> // prime the server with knowledge of the root servers
> zone "." {
> type hint;
> file "/usr/share/dns/root.hints";
> };
>
> // be authoritative for the localhost forward and reverse zones, and for
> // broadcast zones as per RFC 1912
>
> zone "localhost" {
> type master;
> file "/etc/bind/db.local";
> };
>
> zone "127.in-addr.arpa" {
> type master;
> file "/etc/bind/db.127";
> };
>
> zone "0.in-addr.arpa" {
> type master;
> file "/etc/bind/db.0";
> };
>
> zone "255.in-addr.arpa" {
> type master;
> file "/etc/bind/db.255";
> };
>
> Rowland
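The syntax slip discussed above (writing "acl internals" inside an address-match list instead of the bare ACL name) is the kind of thing a small lint catches before named does. As an added example, not code from either poster, the following Python checks a BIND options snippet for that mistake, for references to ACLs that were never declared, and for an allow-recursion list open to "any" (an open resolver); the sample config below is constructed after the files in this thread, and the directive list and hypothetical function names are my own assumptions.

```python
import re

# Constructed sample modelled on the options file in this thread; the
# "acl internals" inside the match lists is the slip the reply points out.
SAMPLE = """
acl internals {
    127.0.0.0/8;
    192.168.1.0/24;
};
options {
    allow-query { acl internals; };
    allow-recursion { acl internals; };
    tkey-gssapi-keytab "/usr/local/samba/bind-dns/dns.keytab";
};
"""

# Address-match-list directives that decide who may talk to this server.
DIRECTIVES = ("allow-query", "allow-recursion", "allow-update", "allow-transfer")
# Names BIND understands without an acl declaration.
BUILTIN = {"any", "none", "localhost", "localnets"}

def strip_comments(text):
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#).*", "", text)

def declared_acls(text):
    # 'acl NAME {' at declaration scope; a bare 'acl NAME;' does not match.
    return set(re.findall(r"\bacl\s+\"?([\w-]+)\"?\s*\{", text))

def match_lists(text):
    # Return {directive: [elements]} for each directive present.
    found = {}
    for name in DIRECTIVES:
        m = re.search(r"\b%s\s*\{([^}]*)\}" % re.escape(name), text)
        if m:
            found[name] = [e.strip() for e in m.group(1).split(";") if e.strip()]
    return found

def lint(text):
    text = strip_comments(text)
    acls = declared_acls(text)
    problems = []
    for directive, elems in match_lists(text).items():
        for e in elems:
            if e.startswith("acl "):
                problems.append(f"{directive}: '{e}' should be '{e[4:].strip()}'"
                                " (named ACLs are referenced bare)")
            elif re.match(r"^[A-Za-z_][\w-]*$", e) and e not in acls and e not in BUILTIN:
                problems.append(f"{directive}: undeclared ACL '{e}'")
            elif directive == "allow-recursion" and e == "any":
                problems.append("allow-recursion { any; } makes this an open resolver")
    if "tkey-gssapi-keytab" not in text:
        problems.append("no tkey-gssapi-keytab: GSS-TSIG updates from Samba will fail")
    return problems
```

Running lint(SAMPLE) reports the two "acl internals" lines; after the correction from the reply it reports nothing.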