samba - Apr 2016 - [Fwd: Re: [Fwd: Re: [Fwd: Re: Samba 4 more complete]]]

Second question:

Take a look at the logs


Apr 21 11:23:58 cd1 named[2224]: samba_dlz: starting transaction on zone
58.168.192.in-addr.arpa
Apr 21 11:23:58 cd1 named[2224]: client 192.168.58.10#22874: update
'58.168.192.in-addr.arpa/IN' denied
Apr 21 11:23:58 cd1 named[2224]: samba_dlz: cancelling transaction on zone
58.168.192.in-addr.arpa
Apr 21 11:23:58 cd1 dhcpd: Unable to add reverse map from
45.58.168.192.in-addr.arpa. to xp2.home.cu: REFUSED
Apr 21 11:23:58 cd1 named[2224]: samba_dlz: starting transaction on zone
home.cu
Apr 21 11:23:58 cd1 named[2224]: samba_dlz: allowing update of
signer=XP2\$\@HOME.CU name=xp2.home.cu tcpaddr= type=A
key=964-ms-7.3-e83765.c64f8090-07b1-11e6-07a1-080027d04121/160/0
Apr 21 11:23:58 cd1 named[2224]: samba_dlz: allowing update of
signer=XP2\$\@HOME.CU name=xp2.home.cu tcpaddr= type=A
key=964-ms-7.3-e83765.c64f8090-07b1-11e6-07a1-080027d04121/160/0
Apr 21 11:23:58 cd1 named[2224]: client 192.168.58.45#1317/key
XP2\$\@HOME.CU: updating zone 'home.cu/NONE': deleting rrset at
'xp2.home.cu' A
Apr 21 11:23:58 cd1 named[2224]: samba_dlz: subtracted rdataset
xp2.home.cu 'xp2.home.cu.#0111200#011IN#011A#011192.168.58.45'
Apr 21 11:23:58 cd1 named[2224]: client 192.168.58.45#1317/key
XP2\$\@HOME.CU: updating zone 'home.cu/NONE': adding an RR at
'xp2.home.cu' A
Apr 21 11:23:58 cd1 named[2224]: samba_dlz: added rdataset xp2.home.cu
'xp2.home.cu.#0111200#011IN#011A#011192.168.58.45'
Apr 21 11:23:58 cd1 named[2224]: samba_dlz: committed transaction on zone
home.cu
Apr 21 11:24:00 cd1 dhcpd: Dynamic and static leases present for
192.168.58.45.
Apr 21 11:24:00 cd1 dhcpd: Remove host declaration pc_xp2 or remove
192.168.58.45
Apr 21 11:24:00 cd1 dhcpd: from the dynamic address pool for 192.168.58.0/24
Apr 21 11:24:00 cd1 dhcpd: DHCPREQUEST for 192.168.58.45 from
08:00:27:d0:41:21 via eth0
Apr 21 11:24:00 cd1 dhcpd: DHCPACK on 192.168.58.45 to 08:00:27:d0:41:21
via eth0
Apr 21 11:24:00 cd1 named[2224]: samba_dlz: starting transaction on zone
58.168.192.in-addr.arpa
Apr 21 11:24:00 cd1 named[2224]: client 192.168.58.10#22874: update
'58.168.192.in-addr.arpa/IN' denied
Apr 21 11:24:00 cd1 named[2224]: samba_dlz: cancelling transaction on zone
58.168.192.in-addr.arpa
Apr 21 11:24:00 cd1 dhcpd: Unable to add reverse map from
45.58.168.192.in-addr.arpa. to xp2.home.cu: REFUSED
Apr 21 11:24:00 cd1 named[2224]: samba_dlz: starting transaction on zone
home.cu
Apr 21 11:24:00 cd1 named[2224]: client 192.168.58.45#1320: update
'home.cu/IN' denied
Apr 21 11:24:00 cd1 named[2224]: samba_dlz: cancelling transaction on zone
home.cu

What I meant is my problem with the reverse zone, the direct zone works
out well


It has to do with the permissions, but I have tried in many ways without
solution

What could be missing?



Leonidch













---------------------------- Mensaje original ----------------------------
Asunto: Re: [Samba] [Fwd: Re: [Fwd: Re: Samba 4 more complete]]
De:     "Rowland penny" <rpenny at samba.org>
Fecha:  Jue, 21 de Abril de 2016, 10:46 am
Para:   samba at lists.samba.org
--------------------------------------------------------------------------

On 21/04/16 15:23, cosme at crearq.co.cu wrote:
> First question
>
> To use bind as dlz is required to be compiled from source or you can use
> the package bind9 repo Debian8 ??
>
> Because I'm seeing you in the wiki
> https://wiki.samba.org/index.php/Setup_a_basic_BIND_installation
> ------------------------------------------
> says this
>
> If you install BIND from the repositories of your distribution, you can
> skip the following two steps, but make sure it was compiled That With The
> '--with-gssapi' and '--with-dlopen' options (see below)
before using it as
> the Samba AD DNS backend.
> -------------------------------------------
>
> In this case I bind9.9.5 use since the repo comes with --with-gssapi but
> not with --with-dlopen or --with-dlz-dlopen '
Hmm, the wiki needs updating, Bind9.9.x now compiles dlopen in as
standard, it is no longer an option, not entirely sure just when it
changed, but I can assure you Bind9 in Jessie does work with Samba4 (and
dhcp)

Next question :-D

Rowland

>
> What can I do in that case ??
>
> maybe that's one of my problems
>
> Leonidch
>
>

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

On 21/04/16 16:35, cosme at crearq.co.cu wrote:
>
> Second question:
>
> Take a look at the logs
>
>
> Apr 21 11:23:58 cd1 named[2224]: samba_dlz: starting transaction on zone
> 58.168.192.in-addr.arpa
> Apr 21 11:23:58 cd1 named[2224]: client 192.168.58.10#22874: update
> '58.168.192.in-addr.arpa/IN' denied
> Apr 21 11:23:58 cd1 named[2224]: samba_dlz: cancelling transaction on zone
> 58.168.192.in-addr.arpa
> Apr 21 11:23:58 cd1 dhcpd: Unable to add reverse map from
> 45.58.168.192.in-addr.arpa. to xp2.home.cu: REFUSED
> Apr 21 11:23:58 cd1 named[2224]: samba_dlz: starting transaction on zone
> home.cu
> Apr 21 11:23:58 cd1 named[2224]: samba_dlz: allowing update of
> signer=XP2\$\@HOME.CU name=xp2.home.cu tcpaddr= type=A
> key=964-ms-7.3-e83765.c64f8090-07b1-11e6-07a1-080027d04121/160/0
> Apr 21 11:23:58 cd1 named[2224]: samba_dlz: allowing update of
> signer=XP2\$\@HOME.CU name=xp2.home.cu tcpaddr= type=A
> key=964-ms-7.3-e83765.c64f8090-07b1-11e6-07a1-080027d04121/160/0
> Apr 21 11:23:58 cd1 named[2224]: client 192.168.58.45#1317/key
> XP2\$\@HOME.CU: updating zone 'home.cu/NONE': deleting rrset at
> 'xp2.home.cu' A
> Apr 21 11:23:58 cd1 named[2224]: samba_dlz: subtracted rdataset
> xp2.home.cu 'xp2.home.cu.#0111200#011IN#011A#011192.168.58.45'
> Apr 21 11:23:58 cd1 named[2224]: client 192.168.58.45#1317/key
> XP2\$\@HOME.CU: updating zone 'home.cu/NONE': adding an RR at
> 'xp2.home.cu' A
> Apr 21 11:23:58 cd1 named[2224]: samba_dlz: added rdataset xp2.home.cu
> 'xp2.home.cu.#0111200#011IN#011A#011192.168.58.45'
> Apr 21 11:23:58 cd1 named[2224]: samba_dlz: committed transaction on zone
> home.cu
> Apr 21 11:24:00 cd1 dhcpd: Dynamic and static leases present for
> 192.168.58.45.
> Apr 21 11:24:00 cd1 dhcpd: Remove host declaration pc_xp2 or remove
> 192.168.58.45
> Apr 21 11:24:00 cd1 dhcpd: from the dynamic address pool for
192.168.58.0/24
> Apr 21 11:24:00 cd1 dhcpd: DHCPREQUEST for 192.168.58.45 from
> 08:00:27:d0:41:21 via eth0
> Apr 21 11:24:00 cd1 dhcpd: DHCPACK on 192.168.58.45 to 08:00:27:d0:41:21
> via eth0
> Apr 21 11:24:00 cd1 named[2224]: samba_dlz: starting transaction on zone
> 58.168.192.in-addr.arpa
> Apr 21 11:24:00 cd1 named[2224]: client 192.168.58.10#22874: update
> '58.168.192.in-addr.arpa/IN' denied
> Apr 21 11:24:00 cd1 named[2224]: samba_dlz: cancelling transaction on zone
> 58.168.192.in-addr.arpa
> Apr 21 11:24:00 cd1 dhcpd: Unable to add reverse map from
> 45.58.168.192.in-addr.arpa. to xp2.home.cu: REFUSED
> Apr 21 11:24:00 cd1 named[2224]: samba_dlz: starting transaction on zone
> home.cu
> Apr 21 11:24:00 cd1 named[2224]: client 192.168.58.45#1320: update
> 'home.cu/IN' denied
> Apr 21 11:24:00 cd1 named[2224]: samba_dlz: cancelling transaction on zone
> home.cu
>
> What I meant is my problem with the reverse zone, the direct zone works
> out well
>
>
> It has to do with the permissions, but I have tried in many ways without
> solution
>
> What could be missing?
>
>
>
> Leonidch
>
>
>
>
>
>
>
>
>
>
>
>
>
> ---------------------------- Mensaje original ----------------------------
> Asunto: Re: [Samba] [Fwd: Re: [Fwd: Re: Samba 4 more complete]]
> De:     "Rowland penny" <rpenny at samba.org>
> Fecha:  Jue, 21 de Abril de 2016, 10:46 am
> Para:   samba at lists.samba.org
> --------------------------------------------------------------------------
>
> On 21/04/16 15:23, cosme at crearq.co.cu wrote:
>> First question
>>
>> To use bind as dlz is required to be compiled from source or you can
use
>> the package bind9 repo Debian8 ??
>>
>> Because I'm seeing you in the wiki
>> https://wiki.samba.org/index.php/Setup_a_basic_BIND_installation
>> ------------------------------------------
>> says this
>>
>> If you install BIND from the repositories of your distribution, you can
>> skip the following two steps, but make sure it was compiled That With
The
>> '--with-gssapi' and '--with-dlopen' options (see below)
before using it as
>> the Samba AD DNS backend.
>> -------------------------------------------
>>
>> In this case I bind9.9.5 use since the repo comes with --with-gssapi
but
>> not with --with-dlopen or --with-dlz-dlopen '
> Hmm, the wiki needs updating, Bind9.9.x now compiles dlopen in as
> standard, it is no longer an option, not entirely sure just when it
> changed, but I can assure you Bind9 in Jessie does work with Samba4 (and
> dhcp)
>
> Next question :-D
>
> Rowland
>
>
>> What can I do in that case ??
>>
>> maybe that's one of my problems
>>
>> Leonidch
>>
>>
>
You mean you want to see something like this in the logs:

Apr 21 06:46:27 dc1 named[1698]: samba_dlz: starting transaction on zone 
0.168.192.in-addr.arpa
Apr 21 06:46:27 dc1 named[1698]: samba_dlz: allowing update of 
signer=dhcpduser\@SAMDOM.EXAMPLE.COM name=101.0.168.192.in-addr.arpa 
tcpaddr=127.0.0.1 type=PTR key=990741993.sig-dc1.samdom.example.com/160/0
Apr 21 06:46:27 dc1 named[1698]: samba_dlz: allowing update of 
signer=dhcpduser\@SAMDOM.EXAMPLE.COM name=101.0.168.192.in-addr.arpa 
tcpaddr=127.0.0.1 type=PTR key=990741993.sig-dc1.samdom.example.com/160/0
Apr 21 06:46:27 dc1 named[1698]: client 127.0.0.1#34666/key 
dhcpduser\@SAMDOM.EXAMPLE.COM: updating zone 
'0.168.192.in-addr.arpa/NONE': deleting rrset at 
'101.0.168.192.in-addr.arpa' PTR
Apr 21 06:46:27 dc1 named[1698]: samba_dlz: subtracted rdataset 
101.0.168.192.in-addr.arpa 
'101.0.168.192.in-addr.arpa.#0113600#011IN#011PTR#011HP-Printer.samdom.example.com.'
Apr 21 06:46:27 dc1 named[1698]: client 127.0.0.1#34666/key 
dhcpduser\@SAMDOM.EXAMPLE.COM: updating zone 
'0.168.192.in-addr.arpa/NONE': adding an RR at 
'101.0.168.192.in-addr.arpa' PTR
Apr 21 06:46:27 dc1 named[1698]: samba_dlz: added rdataset 
101.0.168.192.in-addr.arpa 
'101.0.168.192.in-addr.arpa.#0113600#011IN#011PTR#011HP-Printer.samdom.example.com.'
Apr 21 06:46:27 dc1 named[1698]: samba_dlz: committed transaction on 
zone 0.168.192.in-addr.arpa
Apr 21 06:46:27 dc1 root: DHCP-DNS Update succeeded

Can I ask how you have tried to do the updates ?
Is dhcp trying to update the reverse zone directly ?

Rowland