Gary Maurizi
2013-Jun-02 07:04 UTC
[Samba] dynamic DNS Updates still failing, re-installed 9 more times, tried everything I could think of, now bald.
I have tried everything, This is CentOS 6.4 with SELinux DISABLED, Bind version BIND 9.8.2rc1-RedHat-9.8.2-0.17, samba 4.0.6 downloaded as a tar.gz from samba.org -- I have read EVERY maillinglist, IRC Log, how-to on google, tutorial on samba.org, and many many people have had this problem and not once have any of the posters resolved it, so I am now a desperate man reaching out to you with as much information as I can give, I pray(and I'm not a religious man) one of you can help me. I am on a timeclock here. I have included every config, every related log, the output of every command to test samba, at the following URL: http://pastebin.com/2XvbRzQh I desperately do not want to install windows server, when I have the opportunity to learn the samba way of things, I am an avid open source enthusiast here, and I've been running some flavor of linux for 16 years, and samba for about as long. The error I am left with, and little to no other information in my logs is thus: 01-Jun-2013 14:56:05.799 samba_dlz: starting transaction on zone mtolympus.local 01-Jun-2013 14:56:05.800 client 10.0.0.106#60674: update 'mtolympus.local/IN' denied 01-Jun-2013 14:56:05.800 samba_dlz: cancelling transaction on zone mtolympus.local Thanks beyond measure for your help, Beers on me if you're a local. --GM.
Thomas Simmons
2013-Jun-02 07:53 UTC
[Samba] dynamic DNS Updates still failing, re-installed 9 more times, tried everything I could think of, now bald.
Myself and another person ran into this a few months back. We couldn't find a solution. https://lists.samba.org/archive/samba/2013-March/172368.html http://lists.samba.org/archive/samba/2013-April/172670.html On Sun, Jun 2, 2013 at 3:04 AM, Gary Maurizi <garymaurizi at gmail.com> wrote:> I have tried everything, This is CentOS 6.4 with SELinux DISABLED, Bind > version BIND 9.8.2rc1-RedHat-9.8.2-0.17, samba 4.0.6 downloaded as a tar.gz > from samba.org -- I have read EVERY maillinglist, IRC Log, how-to on > google, tutorial on samba.org, and many many people have had this problem > and not once have any of the posters resolved it, so I am now a desperate > man reaching out to you with as much information as I can give, I pray(and > I'm not a religious man) one of you can help me. I am on a timeclock here. > > I have included every config, every related log, the output of every > command to test samba, at the following URL: http://pastebin.com/2XvbRzQh > > I desperately do not want to install windows server, when I have the > opportunity to learn the samba way of things, I am an avid open source > enthusiast here, and I've been running some flavor of linux for 16 years, > and samba for about as long. > > The error I am left with, and little to no other information in my logs is > thus: > > 01-Jun-2013 14:56:05.799 samba_dlz: starting transaction on zone > mtolympus.local > 01-Jun-2013 14:56:05.800 client 10.0.0.106#60674: update > 'mtolympus.local/IN' denied > 01-Jun-2013 14:56:05.800 samba_dlz: cancelling transaction on zone > mtolympus.local > > Thanks beyond measure for your help, > Beers on me if you're a local. > --GM. > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Gary Maurizi
2013-Jun-02 08:46 UTC
[Samba] dynamic DNS Updates still failing, re-installed 9 more times, tried everything I could think of, now bald.
This is a follow up to my previous... Thomas, I have tried everything else I can think of, I WAS able to get further debugging information out of samba, winbind, bind9_dlz, and whats going wrong in this process for us, but I am not a developer I have no way of knowing if this will be useful to you or anyone but I figure I should put it out so someday this can get fixed, Thanks: smbd_smb2_request_incoming: client read error NT_STATUS_CONNECTION_RESET ..... [2013/06/02 00:59:53.472357, 3] ../source3/smbd/password.c:144(register_homes_share) Adding homes service for user 'MTOLYMPUS\GM-BED-DESK-01$' using home directory: '/home/MTOLYMPUS/GM-BED-DESK-01$' [2013/06/02 00:59:53.509694, 3] ../source3/lib/access.c:338(allow_access) Allowed connection from 10.0.0.106 (10.0.0.106) [2013/06/02 00:59:53.509825, 3] ../source3/smbd/service.c:612(make_connection_snum) Connect path is '/tmp' for service [IPC$] ..... Module 'acl_xattr' loaded [2013/06/02 00:59:53.512469, 3] ../source3/smbd/vfs.c:139(vfs_init_custom) Initialising custom vfs hooks from [dfs_samba4] [2013/06/02 00:59:53.512515, 2] ../source3/modules/vfs_acl_xattr.c:193(connect_acl_xattr) connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service IPC$ [2013/06/02 00:59:53.515689, 3] ../source3/smbd/service.c:847(make_connection_snum) 10.0.0.106 (ipv4:10.0.0.106:50958) connect to service IPC$ initially as user MTOLYMPUS\GM-BED-DESK-01$ (uid=3000017, gid=3000018) (pid 6993) [2013/06/02 01:00:05.459651, 3] ../source3/smbd/service.c:1121(close_cnum) 10.0.0.106 (ipv4:10.0.0.106:50958) closed connection to service IPC$ [2013/06/02 01:00:05.502497, 2] ../source3/smbd/smb2_server.c:3250(smbd_smb2_request_incoming) smbd_smb2_request_incoming: client read error NT_STATUS_CONNECTION_RESET [2013/06/02 01:00:05.502695, 3] ../source3/smbd/server_exit.c:218(exit_server_common) Server exit (NT_STATUS_CONNECTION_RESET) [2013/06/02 01:01:31.833681, 3] ../source3/lib/access.c:338(allow_access) Allowed connection from 10.0.0.106 (10.0.0.106) .... Initialising custom vfs hooks from [dfs_samba4] [2013/06/02 01:01:32.006355, 2] ../source3/modules/vfs_acl_xattr.c:193(connect_acl_xattr) connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service sysvol [2013/06/02 01:01:32.009587, 1] ../source3/smbd/service.c:847(make_connection_snum) 10.0.0.106 (ipv4:10.0.0.106:50965) connect to service sysvol initially as user MTOLYMPUS\Administrator (uid=0, gid=100) (pid 7020) [2013/06/02 01:01:32.080520, 3] ../source3/smbd/vfs.c:1140(check_reduced_name) check_reduced_name [mtolympus.local/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI] [/usr/local/samba/var/locks/sysvol] [2013/06/02 01:01:32.080578, 3] ../source3/smbd/vfs.c:1270(check_reduced_name) check_reduced_name: mtolympus.local/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI reduced to /usr/local/samba/var/locks/sysvol/mtolympus.local/P$ [2013/06/02 01:01:32.080813, 3] ../source3/smbd/dosmode.c:160(unix_mode) unix_mode(mtolympus.local/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI) returning 0644 [2013/06/02 01:01:32.080973, 2] ../source3/smbd/open.c:914(open_file) MTOLYMPUS\Administrator opened file mtolympus.local/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI read=Yes write=No (numopen=1) [2013/06/02 01:01:32.118390, 3] ../source3/smbd/smb2_read.c:352(smb2_read_complete) smbd_smb2_read: fnum 3959339474, file mtolympus.local/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI, length=20 offset=0 read=20 [2013/06/02 01:01:43.963700, 2] ../source3/smbd/close.c:850(close_normal_file) MTOLYMPUS\Administrator closed file mtolympus.local/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI (numopen=0) NT_STATUS_OK [2013/06/02 01:01:56.053624, 1] ../source3/smbd/service.c:1121(close_cnum) 10.0.0.106 (ipv4:10.0.0.106:50965) closed connection to service sysvol [2013/06/02 01:01:56.101360, 2] ../source3/smbd/smb2_server.c:3250(smbd_smb2_request_incoming) smbd_smb2_request_incoming: client read error NT_STATUS_CONNECTION_RESET [2013/06/02 01:01:56.101562, 3] ../source3/smbd/server_exit.c:218(exit_server_common) Server exit (NT_STATUS_CONNECTION_RESET) [2013/06/02 01:14:53.720664, 3] ../source3/lib/access.c:338(allow_access) Allowed connection from 10.0.0.106 (10.0.0.106) [2013/06/02 01:14:53.720865, 3] ../source3/smbd/oplock.c:985(init_oplocks) init_oplocks: initializing messages. [2013/06/02 01:14:53.721068, 3] ../source3/smbd/process.c:1794(process_smb) Transaction 0 of length 159 (0 toread) .... [2013/06/02 01:14:53.935429, 3] ../source3/smbd/vfs.c:139(vfs_init_custom) Initialising custom vfs hooks from [dfs_samba4] [2013/06/02 01:14:53.935474, 2] ../source3/modules/vfs_acl_xattr.c:193(connect_acl_xattr) connect_acl_xattr: setting 'inherit acls = true' 'dos filemode = true' and 'force unknown acl user = true' for service IPC$ [2013/06/02 01:14:53.938641, 3] ../source3/smbd/service.c:847(make_connection_snum) 10.0.0.106 (ipv4:10.0.0.106:63570) connect to service IPC$ initially as user MTOLYMPUS\GM-BED-DESK-01$ (uid=3000017, gid=3000018) (pid 7083) [2013/06/02 01:15:05.833518, 3] ../source3/smbd/service.c:1121(close_cnum) 10.0.0.106 (ipv4:10.0.0.106:63570) closed connection to service IPC$ [2013/06/02 01:15:05.876373, 2] ../source3/smbd/smb2_server.c:3250(smbd_smb2_request_incoming) smbd_smb2_request_incoming: client read error NT_STATUS_CONNECTION_RESET [2013/06/02 01:15:05.876577, 3] ../source3/smbd/server_exit.c:218(exit_server_common) Server exit (NT_STATUS_CONNECTION_RESET) [2013/06/02 01:29:54.103668, 3] ../source3/lib/access.c:338(allow_access) Allowed connection from 10.0.0.106 (10.0.0.106) [2013/06/02 01:29:54.103869, 3] ../source3/smbd/oplock.c:985(init_oplocks) ..... [2013/06/02 01:29:54.172003, 3] ../lib/ldb-samba/ldb_wrap.c:318(ldb_wrap_connect) ldb_wrap open of secrets.ldb [2013/06/02 01:29:54.265211, 3] ../lib/ldb-samba/ldb_wrap.c:318(ldb_wrap_connect) ldb_wrap open of secrets.ldb [2013/06/02 01:29:54.273773, 3] ../lib/ldb-samba/ldb_wrap.c:318(ldb_wrap_connect) ldb_wrap open of privilege.ldb [2013/06/02 01:29:54.313487, 2] ../source3/smbd/smb2_server.c:3250(smbd_smb2_request_incoming) smbd_smb2_request_incoming: client read error NT_STATUS_CONNECTION_RESET [2013/06/02 01:29:54.313683, 3] ../source3/smbd/server_exit.c:218(exit_server_common) Server exit (NT_STATUS_CONNECTION_RESET) [2013/06/02 01:29:54.355509, 3] ../source3/lib/access.c:338(allow_access) Allowed connection from 10.0.0.106 (10.0.0.106) [2013/06/02 01:29:54.355707, 3] ../source3/smbd/oplock.c:985(init_oplocks) init_oplocks: initializing messages. [2013/06/02 01:29:54.355914, 3] ../source3/smbd/process.c:1794(process_smb) Transaction 0 of length 110 (0 toread) [2013/06/02 01:29:54.356143, 3] ../source3/smbd/smb2_negprot.c:243(smbd_smb2_request_process_negprot) Selected protocol SMB3_00 [2013/06/02 01:29:54.358053, 3] ../auth/gensec/gensec_start.c:868(gensec_register) GENSEC backend 'gssapi_spnego' registered [2013/06/02 01:29:54.358112, 3] ../auth/gensec/gensec_start.c:868(gensec_register) ............. AUTH backend 'name_to_ntstatus' registered [2013/06/02 01:29:54.378775, 3] ../source4/auth/ntlm/auth.c:673(auth_register) AUTH backend 'unix' registered [2013/06/02 01:29:54.428154, 3] ../lib/ldb-samba/ldb_wrap.c:318(ldb_wrap_connect) ldb_wrap open of secrets.ldb [2013/06/02 01:29:54.436766, 3] ../lib/ldb-samba/ldb_wrap.c:318(ldb_wrap_connect) ldb_wrap open of privilege.ldb [2013/06/02 01:29:54.476359, 2] ../source3/smbd/smb2_server.c:3250(smbd_smb2_request_incoming) smbd_smb2_request_incoming: client read error NT_STATUS_CONNECTION_RESET [2013/06/02 01:29:54.476559, 3] ../source3/smbd/server_exit.c:218(exit_server_common) Server exit (NT_STATUS_CONNECTION_RESET) [2013/06/02 01:29:54.519457, 3] ../source3/lib/access.c:338(allow_access) Allowed connection from 10.0.0.106 (10.0.0.106) [2013/06/02 01:29:54.519661, 3] ../source3/smbd/oplock.c:985(init_oplocks) ...... [2013/06/02 01:29:54.705779, 3] ../source4/auth/ntlm/auth.c:673(auth_register) AUTH backend 'unix' registered [2013/06/02 01:29:54.761056, 3] ../lib/ldb-samba/ldb_wrap.c:318(ldb_wrap_connect) ldb_wrap open of secrets.ldb [2013/06/02 01:29:54.769570, 3] ../lib/ldb-samba/ldb_wrap.c:318(ldb_wrap_connect) ldb_wrap open of privilege.ldb [2013/06/02 01:29:54.806357, 2] ../source3/smbd/smb2_server.c:3250(smbd_smb2_request_incoming) smbd_smb2_request_incoming: client read error NT_STATUS_CONNECTION_RESET [2013/06/02 01:29:54.806565, 3] ../source3/smbd/server_exit.c:218(exit_server_common) Server exit (NT_STATUS_CONNECTION_RESET) On Sun, Jun 2, 2013 at 1:26 AM, Thomas Simmons <twsnnva at gmail.com> wrote:> Hi Gary, > > Unfortunately, I have been all but taken away from my primary job over the > past few month - our company headquarters just relocated this past weekend > and I've been dealing with the preparation and execution of that. I hope to > get back to this very soon. All I could do was increase my DHCP lease time > so IPs would not change so frequently. When some system is showing weird, > off-the-wall problems, the first thing I check is the DNS record. I've > moved many systems to static IPs. Like you, I've been a Linux enthusiast > for many years, and have been doing this for a living since the 90's. For > 7-8 years I was the only person in IT and never had a problem I couldn't > figure out before this. Unfortunately, there simply isn't enough > information to troubleshoot the problem as nothing useful gets logged. The > best information I've found was from BIND's debug output: > > 28-Mar-2013 08:26:15.759 failed gss_inquire_cred: GSSAPI error: Major > = Unspecified GSS failure. Minor code may provide more information, > Minor = Success. > 28-Mar-2013 08:26:15.760 failed gss_accept_sec_context: GSSAPI error: > Major = Unspecified GSS failure. Minor code may provide more > information, Minor = . > 28-Mar-2013 08:26:15.760 process_gsstkey(): dns_tsigerror_badkey > > > Sadly, migrating to Windows Server may be the only solution. If you do come up with something, please let me know. In total, I spent at least 50-60 man hours on this and got nowhere. > > > > On Sun, Jun 2, 2013 at 3:56 AM, Gary Maurizi <garymaurizi at gmail.com>wrote: > >> Thomas, >> >> Your post was exactly what I was referring too! small world. >> >> Unfortunately for me this is a feature I absolutely have to have working >> for staff reasons, what did you end up doing ultimately? giving up? moving >> distros? >> >> Thank you so much, I really appreciate your response and believe that if >> this many people have had this issue without resolve this is a bug that >> needs to be acknowledged, tracked, reported, and resolved. >> >> >> On Sun, Jun 2, 2013 at 12:53 AM, Thomas Simmons <twsnnva at gmail.com>wrote: >> >>> Myself and another person ran into this a few months back. We couldn't >>> find a solution. >>> >>> https://lists.samba.org/archive/samba/2013-March/172368.html >>> http://lists.samba.org/archive/samba/2013-April/172670.html >>> >>> >>> On Sun, Jun 2, 2013 at 3:04 AM, Gary Maurizi <garymaurizi at gmail.com>wrote: >>> >>>> I have tried everything, This is CentOS 6.4 with SELinux DISABLED, Bind >>>> version BIND 9.8.2rc1-RedHat-9.8.2-0.17, samba 4.0.6 downloaded as a >>>> tar.gz >>>> from samba.org -- I have read EVERY maillinglist, IRC Log, how-to on >>>> google, tutorial on samba.org, and many many people have had this >>>> problem >>>> and not once have any of the posters resolved it, so I am now a >>>> desperate >>>> man reaching out to you with as much information as I can give, I >>>> pray(and >>>> I'm not a religious man) one of you can help me. I am on a timeclock >>>> here. >>>> >>>> I have included every config, every related log, the output of every >>>> command to test samba, at the following URL: >>>> http://pastebin.com/2XvbRzQh >>>> >>>> I desperately do not want to install windows server, when I have the >>>> opportunity to learn the samba way of things, I am an avid open source >>>> enthusiast here, and I've been running some flavor of linux for 16 >>>> years, >>>> and samba for about as long. >>>> >>>> The error I am left with, and little to no other information in my logs >>>> is >>>> thus: >>>> >>>> 01-Jun-2013 14:56:05.799 samba_dlz: starting transaction on zone >>>> mtolympus.local >>>> 01-Jun-2013 14:56:05.800 client 10.0.0.106#60674: update >>>> 'mtolympus.local/IN' denied >>>> 01-Jun-2013 14:56:05.800 samba_dlz: cancelling transaction on zone >>>> mtolympus.local >>>> >>>> Thanks beyond measure for your help, >>>> Beers on me if you're a local. >>>> --GM. >>>> -- >>>> To unsubscribe from this list go to the following URL and read the >>>> instructions: https://lists.samba.org/mailman/options/samba >>>> >>> >>> >> >
Reasonably Related Threads
- Samba 4.17 AD Cannot connect to shares as administrator
- Samba 4.17 Cannot join Win7 clients to domain
- Samba 4.17 Cannot join Win7 clients to domain
- Samba 4.17 Cannot join Win7 clients to domain
- Please Help! Dynamic DNS just will not work: " failed gss_inquire_cred: GSSAPI error: Major = Unspecified GSS failure"