Sven Geggus
2014-Mar-05 09:20 UTC
[Samba] Does automatic DNS PTR generation in Samba4 AD DC work at all?
Hello, I'm currently running a test setup with Samba4 internal DNS (Version 4.1.5 from Debian backports) and 2 clients (Linux and a Windows). Everything seems to work so far. However, I do not manage to get automatic PTR generation working. I'm using the internal DNS at the moment, but I wouldn't mind changing to bind if this will make it work. While reverse DNS seem to work with manually generated entries (from Windows DNS Manager, samba-tool does not work for this either) the automatic generation does not seem to work. When trying to trigger generation in mmc it tells me that the entry already exists. Is this a known issue? Regards Sven -- Trotz der zunehmenden Verbreitung von Linux erfreut sich der B?r, und - dank Knut - insbesondere der Eisb?r, deutlich gr??erer Beliebtheit als der Pinguin. (Gefunden bei http://telepolis.de/) /me is giggls at ircnet, http://sven.gegg.us/ on the Web
Daniel Müller
2014-Mar-05 09:31 UTC
[Samba] Does automatic DNS PTR generation in Samba4 AD DC work at all?
Hello again, to make reverse DNS work on the fly with samba 4.1 you just have to create the reverse lookup zone with samba-tool,ex: samba-tool dns zonecreate your-samba-dns-server 135.168.192.in-addr.arpa. Then every client that register will auto get a reverse entry. If you do it by hand the automatic dns update of the client will be denied in your log files and will not succeed. EDV Daniel M?ller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 T?bingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: mueller at tropenklinik.de Internet: www.tropenklinik.de "Der Mensch ist die Medizin des Menschen" -----Urspr?ngliche Nachricht----- Von: samba-bounces at lists.samba.org [mailto:samba-bounces at lists.samba.org] Im Auftrag von Sven Geggus Gesendet: Mittwoch, 5. M?rz 2014 10:21 An: samba at lists.samba.org Betreff: [Samba] Does automatic DNS PTR generation in Samba4 AD DC work at all? Hello, I'm currently running a test setup with Samba4 internal DNS (Version 4.1.5 from Debian backports) and 2 clients (Linux and a Windows). Everything seems to work so far. However, I do not manage to get automatic PTR generation working. I'm using the internal DNS at the moment, but I wouldn't mind changing to bind if this will make it work. While reverse DNS seem to work with manually generated entries (from Windows DNS Manager, samba-tool does not work for this either) the automatic generation does not seem to work. When trying to trigger generation in mmc it tells me that the entry already exists. Is this a known issue? Regards Sven -- Trotz der zunehmenden Verbreitung von Linux erfreut sich der B?r, und - dank Knut - insbesondere der Eisb?r, deutlich gr??erer Beliebtheit als der Pinguin. (Gefunden bei http://telepolis.de/) /me is giggls at ircnet, http://sven.gegg.us/ on the Web -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
L.P.H. van Belle
2014-Mar-05 12:06 UTC
[Samba] Does automatic DNS PTR generation in Samba4 AD DC work at all?
Hai i guess this is not working correcly.. or im missing something. I used the windows RATS tool to create the reverse zone. ( with the first pc i joined in the domain ) i joined with 2 pc's ( win7 32bit and win7 64bit) with static ips. none of these pc's got the ptr record automaticly. :-) any tips ? ( debian wheezy, samba 4.1.5 backports ) can you explain this a bit more.>If you do it by hand the automatic dns update of the client >will be denied in your log files and will not succeed.I've seen a denied message im my logs. Mar 4 13:33:26 RTD-DC1 named[32667]: client 10.249.250.64#52886: update 'INTERNAL.DOMAIN.TLD/IN' denied Mar 4 13:33:26 RTD-DC1 named[32667]: samba_dlz: cancelling transaction on zone INTERNAL.DOMAIN.TLD Mar 4 13:33:26 RTD-DC1 named[32667]: samba_dlz: starting transaction on zone INTERNAL.DOMAIN.TLD Mar 4 13:33:26 RTD-DC1 named[32667]: samba_dlz: allowing update of signer=admin-pc\$\@INTERNAL.DOMAIN.TLD name=Admin-PC.INTERNAL.DOMAIN.TLD tcpaddr= type=AAAA key=808-ms-7.1-6f64.302d95ec-a399-11e3-e2ad-d067e50ae371/160/0 Mar 4 13:33:26 RTD-DC1 named[32667]: samba_dlz: allowing update of signer=admin-pc\$\@INTERNAL.DOMAIN.TLD name=Admin-PC.INTERNAL.DOMAIN.TLD tcpaddr= type=A key=808-ms-7.1-6f64.302d95ec-a399-11e3-e2ad-d067e50ae371/160/0 Mar 4 13:33:26 RTD-DC1 named[32667]: samba_dlz: allowing update of signer=admin-pc\$\@INTERNAL.DOMAIN.TLD name=Admin-PC.INTERNAL.DOMAIN.TLD tcpaddr= type=A key=808-ms-7.1-6f64.302d95ec-a399-11e3-e2ad-d067e50ae371/160/0 Mar 4 13:33:26 RTD-DC1 named[32667]: client 10.249.250.64#65459: updating zone 'INTERNAL.DOMAIN.TLD/NONE': deleting rrset at 'Admin-PC.INTERNAL.DOMAIN.TLD' AAAA Mar 4 13:33:26 RTD-DC1 named[32667]: client 10.249.250.64#65459: updating zone 'INTERNAL.DOMAIN.TLD/NONE': deleting rrset at 'Admin-PC.INTERNAL.DOMAIN.TLD' A Mar 4 13:33:26 RTD-DC1 named[32667]: client 10.249.250.64#65459: updating zone 'INTERNAL.DOMAIN.TLD/NONE': adding an RR at 'Admin-PC.INTERNAL.DOMAIN.TLD' A Mar 4 13:33:26 RTD-DC1 named[32667]: samba_dlz: added Admin-PC.INTERNAL.DOMAIN.TLD Admin-PC.INTERNAL.DOMAIN.TLD.#0111200#011IN#011A#01110.249.250.64 Mar 4 13:33:26 RTD-DC1 named[32667]: samba_dlz: subtracted rdataset INTERNAL.DOMAIN.TLD 'INTERNAL.DOMAIN.TLD.#0113600#011IN#011SOA#011rtd-dc1.INTERNAL.DOMAIN.TLD. hostmaster.INTERNAL.DOMAIN.TLD. 1 900 600 86400 0' Mar 4 13:33:26 RTD-DC1 named[32667]: samba_dlz: added rdataset INTERNAL.DOMAIN.TLD 'INTERNAL.DOMAIN.TLD.#0113600#011IN#011SOA#011rtd-dc1.INTERNAL.DOMAIN.TLD. hostmaster.INTERNAL.DOMAIN.TLD. 2 900 600 86400 0' and Mar 4 13:35:25 RTD-DC1 named[32667]: client 10.249.250.64#52469: RFC 1918 response from Internet for 230.250.249.10.in-addr.arpa Mar 4 14:55:49 RTD-DC1 smbd[4586]: [2014/03/04 14:55:49.465331, 0] ../source3/rpc_server/srv_pipe.c:1395(api_rpcTNP) Mar 4 14:55:49 RTD-DC1 smbd[4586]: api_rpcTNP: \svcctl: SVCCTL_GETSERVICEKEYNAMEW failed. Mar 5 12:15:03 rtd-dc1 named[32667]: samba_dlz: starting transaction on zone INTERNAL.DOMAIN.TLD Mar 5 12:15:03 rtd-dc1 named[32667]: client 10.249.250.32#61301: update 'INTERNAL.DOMAIN.TLD/IN' denied Mar 5 12:15:03 rtd-dc1 named[32667]: samba_dlz: cancelling transaction on zone INTERNAL.DOMAIN.TLD Mar 5 12:15:03 rtd-dc1 named[32667]: samba_dlz: starting transaction on zone INTERNAL.DOMAIN.TLD Mar 5 12:15:03 rtd-dc1 named[32667]: samba_dlz: allowing update of signer=admin32-pc\$\@INTERNAL.DOMAIN.TLD name=Admin32-PC.INTERNAL.DOMAIN.TLD tcpaddr= type=AAAA key=1124-ms-7.1-6814.11a3bdab-a457-11e3-6e92-d067e50f1671/160/0 Mar 5 12:15:03 rtd-dc1 named[32667]: samba_dlz: allowing update of signer=admin32-pc\$\@INTERNAL.DOMAIN.TLD name=Admin32-PC.INTERNAL.DOMAIN.TLD tcpaddr= type=A key=1124-ms-7.1-6814.11a3bdab-a457-11e3-6e92-d067e50f1671/160/0 Mar 5 12:15:03 rtd-dc1 named[32667]: samba_dlz: allowing update of signer=admin32-pc\$\@INTERNAL.DOMAIN.TLD name=Admin32-PC.INTERNAL.DOMAIN.TLD tcpaddr= type=A key=1124-ms-7.1-6814.11a3bdab-a457-11e3-6e92-d067e50f1671/160/0 Mar 5 12:15:03 rtd-dc1 named[32667]: client 10.249.250.32#55191: updating zone 'INTERNAL.DOMAIN.TLD/NONE': deleting rrset at 'Admin32-PC.INTERNAL.DOMAIN.TLD' AAAA Mar 5 12:15:03 rtd-dc1 named[32667]: client 10.249.250.32#55191: updating zone 'INTERNAL.DOMAIN.TLD/NONE': deleting rrset at 'Admin32-PC.INTERNAL.DOMAIN.TLD' A Mar 5 12:15:03 rtd-dc1 named[32667]: client 10.249.250.32#55191: updating zone 'INTERNAL.DOMAIN.TLD/NONE': adding an RR at 'Admin32-PC.INTERNAL.DOMAIN.TLD' A Mar 5 12:15:03 rtd-dc1 named[32667]: samba_dlz: added Admin32-PC.INTERNAL.DOMAIN.TLD Admin32-PC.INTERNAL.DOMAIN.TLD.#0111200#011IN#011A#01110.249.250.32 Mar 5 12:15:03 rtd-dc1 named[32667]: samba_dlz: subtracted rdataset INTERNAL.DOMAIN.TLD 'INTERNAL.DOMAIN.TLD.#0113600#011IN#011SOA#011rtd-dc1.INTERNAL.DOMAIN.TLD. hostmaster.INTERNAL.DOMAIN.TLD. 2 900 600 86400 0' Mar 5 12:15:03 rtd-dc1 named[32667]: samba_dlz: added rdataset INTERNAL.DOMAIN.TLD 'INTERNAL.DOMAIN.TLD.#0113600#011IN#011SOA#011rtd-dc1.INTERNAL.DOMAIN.TLD. hostmaster.INTERNAL.DOMAIN.TLD. 3 900 600 86400 0' Mar 5 12:15:03 rtd-dc1 named[32667]: samba_dlz: committed transaction on zone INTERNAL.DOMAIN.TLD setup... basic samba4 setup, default config ( with rfc2307 ) default windows 7 SP1 installed with all updates, nothing changed in windows 7. Greetz, Louis>-----Oorspronkelijk bericht----- >Van: mueller at tropenklinik.de >[mailto:samba-bounces at lists.samba.org] Namens Daniel M?ller >Verzonden: woensdag 5 maart 2014 10:32 >Aan: 'Sven Geggus'; samba at lists.samba.org >Onderwerp: Re: [Samba] Does automatic DNS PTR generation in >Samba4 AD DC work at all? > >Hello again, > >to make reverse DNS work on the fly with samba 4.1 you just >have to create the reverse lookup zone with samba-tool,ex: >samba-tool dns zonecreate your-samba-dns-server >135.168.192.in-addr.arpa. >Then every client that register will auto get a reverse entry. >If you do it by hand the automatic dns update of the client >will be denied in your log files and will not succeed. > >EDV Daniel M?ller > >Leitung EDV >Tropenklinik Paul-Lechler-Krankenhaus >Paul-Lechler-Str. 24 >72076 T?bingen >Tel.: 07071/206-463, Fax: 07071/206-499 >eMail: mueller at tropenklinik.de >Internet: www.tropenklinik.de >"Der Mensch ist die Medizin des Menschen" > > > > > >-----Urspr?ngliche Nachricht----- >Von: samba-bounces at lists.samba.org >[mailto:samba-bounces at lists.samba.org] Im Auftrag von Sven Geggus >Gesendet: Mittwoch, 5. M?rz 2014 10:21 >An: samba at lists.samba.org >Betreff: [Samba] Does automatic DNS PTR generation in Samba4 >AD DC work at all? > >Hello, > >I'm currently running a test setup with Samba4 internal DNS >(Version 4.1.5 from Debian backports) and 2 clients (Linux and >a Windows). > >Everything seems to work so far. > >However, I do not manage to get automatic PTR generation >working. I'm using the internal DNS at the moment, but I >wouldn't mind changing to bind if this will make it work. > >While reverse DNS seem to work with manually generated entries >(from Windows DNS Manager, samba-tool does not work for this >either) the automatic generation does not seem to work. > >When trying to trigger generation in mmc it tells me that the >entry already exists. > >Is this a known issue? > >Regards > >Sven > >-- >Trotz der zunehmenden Verbreitung von Linux erfreut sich der >B?r, und - dank Knut - insbesondere der Eisb?r, deutlich >gr??erer Beliebtheit als der Pinguin. (Gefunden bei >http://telepolis.de/) /me is giggls at ircnet, >http://sven.gegg.us/ on the Web >-- >To unsubscribe from this list go to the following URL and read the >instructions: https://lists.samba.org/mailman/options/samba > >-- >To unsubscribe from this list go to the following URL and read the >instructions: https://lists.samba.org/mailman/options/samba >