samba - Sep 2015 - On to samba-tools tools - Re: samba_dlz: Failed to connect

On 03/09/15 20:48, Robert Moskowitz wrote:
>
>
> On 09/03/2015 02:51 PM, Rowland Penny wrote:
>> On 03/09/15 19:42, Robert Moskowitz wrote:
>>>
>>>
>>> On 09/03/2015 02:33 PM, Rowland Penny wrote:
>>>> On 03/09/15 19:21, Robert Moskowitz wrote:
>>>>>
>>>>>
>>>>> On 09/03/2015 02:17 PM, Rowland Penny wrote:
>>>>>> On 03/09/15 19:05, Robert Moskowitz wrote:
>>>>>>>
>>>>>>>
>>>>>>> On 09/03/2015 01:59 PM, Sketch wrote:
>>>>>>>> On Thu, 3 Sep 2015, Rowland Penny wrote:
>>>>>>>>
>>>>>>>>>  What are the permissions on
/var/lib/samba/private/dns ?
>>>>>>>>
>>>>>>>> Also don't forget the permissions on
/var/lib/samba/private
>>>>>>>>
>>>>>>>> If you're using sernet's packages,
you'll have to chgrp it to
>>>>>>>> to named or give it o+x perms.
>>>>>>>
>>>>>>> chown root:named /var/lib/samba/private
>>>>>>>
>>>>>>> Wow that was it!
>>>>>>>
>>>>>>> DLZ is up and running.  Lots more to get right in
the bind
>>>>>>> config....
>>>>>>>
>>>>>>> Is there a web app to front end samba-tools for
maintaining at
>>>>>>> least the dns portion?
>>>>>>
>>>>>> Yes, it is called RSAT and runs on windows :-D
>>>>>
>>>>>
>>>>> Very funny.  THAT IS NOT a web app front end to
samba-tools. What
>>>>> about webmin?  But have to see if it is build specific...
>>>>>
>>>>>
>>>>
>>>> As far as I know RSAT is the only option at the moment, Webmin 
>>>> doesn't seem to know anything about dlz, but then again
Samba 4 AD
>>>> has been out nearly 3 years now and Webmin still doesn't
work with it.
>>>
>>> Well does Webmin know about ldap and can update the ldap directly?
>>>
>>> Grumble.
>>>
>>>
>>
>> It is no good grumbling on here, you could try grumbling at Webmin :-)
>>
>> Also, using ldap is not as simple as that, try reading dns.py, it is 
>> in /usr/share/pyshared/samba/netcmd on debian
>> I know it is written in python and uses ldb, but it might help you to 
>> understand just how difficult it is to work with dns & samba.
>
> My first item is to add the A and CNAME records for some of the 
> statically addressed systems in my home.htt domain.
Try 'samba-tool dns add --help'
The first line it prints is this:

Usage: samba-tool dns add <server> <zone> <name> 
<A|AAAA|PTR|CNAME|NS|MX|SRV|TXT> <data>
>
> For 2 of them I COULD use dhcp with MAC - IP address mapping. Have you 
> used that and gotten the A record added?  That probably won't handle 
> the CNAME (and MX) though.
>
Never tried it, so cannot comment :-)

Rowland

On 09/03/2015 04:03 PM, Rowland Penny wrote:
> On 03/09/15 20:48, Robert Moskowitz wrote:
>>
>>
>> On 09/03/2015 02:51 PM, Rowland Penny wrote:
>>> On 03/09/15 19:42, Robert Moskowitz wrote:
>>>>
>>>>
>>>> On 09/03/2015 02:33 PM, Rowland Penny wrote:
>>>>> On 03/09/15 19:21, Robert Moskowitz wrote:
>>>>>>
>>>>>>
>>>>>> On 09/03/2015 02:17 PM, Rowland Penny wrote:
>>>>>>> On 03/09/15 19:05, Robert Moskowitz wrote:
>>>>>>>>
>>>>>>>>
>>>>>>>> On 09/03/2015 01:59 PM, Sketch wrote:
>>>>>>>>> On Thu, 3 Sep 2015, Rowland Penny wrote:
>>>>>>>>>
>>>>>>>>>>  What are the permissions on
/var/lib/samba/private/dns ?
>>>>>>>>>
>>>>>>>>> Also don't forget the permissions on
/var/lib/samba/private
>>>>>>>>>
>>>>>>>>> If you're using sernet's packages,
you'll have to chgrp it to
>>>>>>>>> to named or give it o+x perms.
>>>>>>>>
>>>>>>>> chown root:named /var/lib/samba/private
>>>>>>>>
>>>>>>>> Wow that was it!
>>>>>>>>
>>>>>>>> DLZ is up and running.  Lots more to get right
in the bind
>>>>>>>> config....
>>>>>>>>
>>>>>>>> Is there a web app to front end samba-tools for
maintaining at
>>>>>>>> least the dns portion?
>>>>>>>
>>>>>>> Yes, it is called RSAT and runs on windows :-D
>>>>>>
>>>>>>
>>>>>> Very funny.  THAT IS NOT a web app front end to
samba-tools. What
>>>>>> about webmin?  But have to see if it is build
specific...
>>>>>>
>>>>>>
>>>>>
>>>>> As far as I know RSAT is the only option at the moment,
Webmin
>>>>> doesn't seem to know anything about dlz, but then again
Samba 4 AD
>>>>> has been out nearly 3 years now and Webmin still
doesn't work with
>>>>> it.
>>>>
>>>> Well does Webmin know about ldap and can update the ldap
directly?
>>>>
>>>> Grumble.
>>>>
>>>>
>>>
>>> It is no good grumbling on here, you could try grumbling at Webmin
:-)
>>>
>>> Also, using ldap is not as simple as that, try reading dns.py, it
is
>>> in /usr/share/pyshared/samba/netcmd on debian
>>> I know it is written in python and uses ldb, but it might help you 
>>> to understand just how difficult it is to work with dns &
samba.
>>
>> My first item is to add the A and CNAME records for some of the 
>> statically addressed systems in my home.htt domain.
>
> Try 'samba-tool dns add --help'
> The first line it prints is this:
>
> Usage: samba-tool dns add <server> <zone> <name> 
> <A|AAAA|PTR|CNAME|NS|MX|SRV|TXT> <data>
What is server?  localhost?
>
>>
>> For 2 of them I COULD use dhcp with MAC - IP address mapping. Have 
>> you used that and gotten the A record added?  That probably won't 
>> handle the CNAME (and MX) though.
>>
>
> Never tried it, so cannot comment :-)
I may, and then I may not.

On 03/09/15 21:17, Robert Moskowitz wrote:
>
>
> On 09/03/2015 04:03 PM, Rowland Penny wrote:
>> On 03/09/15 20:48, Robert Moskowitz wrote:
>>>
>>>
>>> On 09/03/2015 02:51 PM, Rowland Penny wrote:
>>>> On 03/09/15 19:42, Robert Moskowitz wrote:
>>>>>
>>>>>
>>>>> On 09/03/2015 02:33 PM, Rowland Penny wrote:
>>>>>> On 03/09/15 19:21, Robert Moskowitz wrote:
>>>>>>>
>>>>>>>
>>>>>>> On 09/03/2015 02:17 PM, Rowland Penny wrote:
>>>>>>>> On 03/09/15 19:05, Robert Moskowitz wrote:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On 09/03/2015 01:59 PM, Sketch wrote:
>>>>>>>>>> On Thu, 3 Sep 2015, Rowland Penny
wrote:
>>>>>>>>>>
>>>>>>>>>>>  What are the permissions on
/var/lib/samba/private/dns ?
>>>>>>>>>>
>>>>>>>>>> Also don't forget the permissions
on /var/lib/samba/private
>>>>>>>>>>
>>>>>>>>>> If you're using sernet's
packages, you'll have to chgrp it to
>>>>>>>>>> to named or give it o+x perms.
>>>>>>>>>
>>>>>>>>> chown root:named /var/lib/samba/private
>>>>>>>>>
>>>>>>>>> Wow that was it!
>>>>>>>>>
>>>>>>>>> DLZ is up and running.  Lots more to get
right in the bind
>>>>>>>>> config....
>>>>>>>>>
>>>>>>>>> Is there a web app to front end samba-tools
for maintaining at
>>>>>>>>> least the dns portion?
>>>>>>>>
>>>>>>>> Yes, it is called RSAT and runs on windows :-D
>>>>>>>
>>>>>>>
>>>>>>> Very funny.  THAT IS NOT a web app front end to
samba-tools.
>>>>>>> What about webmin?  But have to see if it is build
specific...
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> As far as I know RSAT is the only option at the moment,
Webmin
>>>>>> doesn't seem to know anything about dlz, but then
again Samba 4
>>>>>> AD has been out nearly 3 years now and Webmin still
doesn't work
>>>>>> with it.
>>>>>
>>>>> Well does Webmin know about ldap and can update the ldap
directly?
>>>>>
>>>>> Grumble.
>>>>>
>>>>>
>>>>
>>>> It is no good grumbling on here, you could try grumbling at
Webmin :-)
>>>>
>>>> Also, using ldap is not as simple as that, try reading dns.py,
it
>>>> is in /usr/share/pyshared/samba/netcmd on debian
>>>> I know it is written in python and uses ldb, but it might help
you
>>>> to understand just how difficult it is to work with dns &
samba.
>>>
>>> My first item is to add the A and CNAME records for some of the 
>>> statically addressed systems in my home.htt domain.
>>
>> Try 'samba-tool dns add --help'
>> The first line it prints is this:
>>
>> Usage: samba-tool dns add <server> <zone> <name> 
>> <A|AAAA|PTR|CNAME|NS|MX|SRV|TXT> <data>
>
> What is server?  localhost?
>
You can use:
localhost
127.0.0.1
the ip of the samba DC
the short hostname of the DC
the fqdn of the DC

>>
>>>
>>> For 2 of them I COULD use dhcp with MAC - IP address mapping. Have 
>>> you used that and gotten the A record added?  That probably
won't
>>> handle the CNAME (and MX) though.
>>>
>>
>> Never tried it, so cannot comment :-)
>
> I may, and then I may not.
>
>