So you're saying it really doesn't matter which I use? Okay, I'll just
use the one in private vs. the one in bind-dns. Now if I can only figure
out why it's complaining about the sam.ldb file:
Dec 11 09:07:10 pluto named[733]: samba_dlz: Unable to get basedn for /var/lib/samba/private/dns/sam.ldb - NULL Base DN invalid for a base search
That's causing named to terminate with an error:
Dec 11 09:07:10 pluto named[733]: samba_dlz: FAILED dlz_create call result=25 #refs=0
Dec 11 09:07:10 pluto named[733]: dlz_dlopen of 'AD DNS Zone' failed
Dec 11 09:07:10 pluto named[733]: SDLZ driver failed to load.
Dec 11 09:07:10 pluto named[733]: DLZ driver failed to load.
Dec 11 09:07:10 pluto named[733]: loading configuration: failure
Dec 11 09:07:10 pluto named[733]: exiting (due to fatal error)
Dec 11 09:07:11 pluto systemd[1]: named.service: Main process exited, code=exited, status=1/FAILURE
Dec 11 09:07:11 pluto systemd[1]: named.service: Failed with result 'exit-code'.
Any tips?
On 12/11/2020 2:37 AM, Rowland penny via samba wrote:
> On 11/12/2020 09:26, Dan Egli wrote:
>> I ran the samba_dnsupgrade and it created TWO dns.keytab files. You
>> said it won't create one in /var/lib/samba/bind-dns directory, but it
>> did. At least, SOMETHING put a file there. Still, if you say it
>> shouldn't be there, then perhaps I should rm it and point my bind
>> config to the other.
>>
> No, I didn't say that, I said that you do not get the keytab in the
> bind-dns dir when you join a DC, but you do when you provision a new
> DC or run samba_dnsupdate. What the code actually does is to create
> the keytab in the private dir and then copy it to the bind-dns dir, so
> yes, you do end up with two keytabs.
>
> There is a bug report about this:
> https://bugzilla.samba.org/show_bug.cgi?id=14535
>
> And here is my fix:
> https://gitlab.com/samba-team/samba/-/merge_requests/1642
>
> Which unfortunately was rejected even though it works.
>
> Rowland
>
>
>
--
Dan Egli
From my Test Server