On 2016-11-04 10:55, Rowland Penny via samba wrote:

> On Fri, 04 Nov 2016 08:04:44 -0500
> Bob of Donelson Trophy via samba <samba at lists.samba.org> wrote:
>
>> On wiki page
>> https://wiki.samba.org/index.php/BIND9_DLZ_DNS_Back_End#Reconfiguring_the_BIND9_DLZ_Back_End
>> in the "Debugging the Bind Module" the section discusses the location
>> for the log file.
>>
>> The /etc/named.log says "bash: bind: -g: cannot read: No such file or
>> directory" . . . I am puzzled, what "file or directory" is being
>> referenced?
>>
>> My "nslookup xxx.xxx.xxx.xxx" are failing. (nslookup hostname works) I
>> have tried deleting the reverse zone and re-adding it and when I
>> query, I get:
>>
>> root at dtxxx04:~# samba-tool dns query 192.168.xxx.50 xxx.168.192.in-addr.arpa @ ALL
>> Password for [administrator at DTxxxM.DT]:
>> ERROR(runtime): uncaught exception - (9714, 'WERR_DNS_ERROR_NAME_DOES_NOT_EXIST')
>>   File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py", line 176, in _run
>>     return self.run(*args, **kwargs)
>>   File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/dns.py", line 998, in run
>>     None, record_type, select_flags, None, None)
>>
>> I found a reference in an older mailing list posting and near the end
>> of the thread, the OP mentions that "resorted to dsupdate -g" to get
>> it to add the reverse zone. I do not know how to dsupdate (This
>> "dsupdate" is from memory and might be slightly incorrect about the
>> command.)
>>
>> Bottom line, samba-tool cannot add the reverse entries I need.
>>
>> Suggestions?
>>
>> --
>> _______________________________
>>
>> Bob Wooden of Donelson Trophy
>
> Try looking in the system log (syslog on debian, messages on red hat)
>
> As for your reverse records, are you sure the reverse zone exists, your
> command works for me.
>
> Rowland

Well, good question. As I am unfamiliar, I think so.

I tried Louis' suggestion but got the DNS_ERROR. This is the error I am
finding a lot.

Here is query and zonelist:

root at dtdc03:~# samba-tool dns query dtdc03 xxx.168.192.in-addr.arpa 49 PTR
ERROR(runtime): uncaught exception - (9714, 'WERR_DNS_ERROR_NAME_DOES_NOT_EXIST')
  File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/dns.py", line 998, in run
    None, record_type, select_flags, None, None)
root at dtdc03:~# samba-tool dns zonelist dtdc03
  3 zone(s) found

  pszZoneName : xxx.168.192.in-appr.arpa
  Flags       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
  ZoneType    : DNS_ZONE_TYPE_PRIMARY
  Version     : 50
  dwDpFlags   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
  pszDpFqdn   : DomainDnsZones.dtshrm.dt

  pszZoneName : dtshrm.dt
  Flags       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
  ZoneType    : DNS_ZONE_TYPE_PRIMARY
  Version     : 50
  dwDpFlags   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
  pszDpFqdn   : DomainDnsZones.dtshrm.dt

  pszZoneName : _msdcs.dtshrm.dt
  Flags       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
  ZoneType    : DNS_ZONE_TYPE_PRIMARY
  Version     : 50
  dwDpFlags   : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
  pszDpFqdn   : ForestDnsZones.dtshrm.dt

These three look correct, but I am not sure as I am not familiar with
this detail.

If it matters, I have two DC's but neither will reversedns. (Thought I
had this working and discovered, yesterday that one DC was not working
properly. Went through my entire setup again, on both DC's, last night
and now cannot add reversedns to either DC.) All other dns testing
checks out.

Basically I keep being told, through log files and other, that the zone
does not exist.

At this point I am a little confused but, bottom line is I cannot add
any reversedns zones to resolve my nslookup xxx.xxx.xxx.xxx failure
issue to either DC. I am puzzled.

What else would you like to see? log files?

--
_______________________________

Bob Wooden of Donelson Trophy

On Fri, 04 Nov 2016 11:15:47 -0500
Bob of Donelson Trophy via samba <samba at lists.samba.org> wrote:

> On 2016-11-04 10:55, Rowland Penny via samba wrote:
>
> > On Fri, 04 Nov 2016 08:04:44 -0500
> > Bob of Donelson Trophy via samba <samba at lists.samba.org> wrote:
> >
> >> On wiki page
> >> https://wiki.samba.org/index.php/BIND9_DLZ_DNS_Back_End#Reconfiguring_the_BIND9_DLZ_Back_End
> >> in the "Debugging the Bind Module" the section discusses the
> >> location for the log file.
> >>
> >> The /etc/named.log says "bash: bind: -g: cannot read: No such file
> >> or directory" . . . I am puzzled, what "file or directory" is being
> >> referenced?
> >>
> >> My "nslookup xxx.xxx.xxx.xxx" are failing. (nslookup hostname
> >> works) I have tried deleting the reverse zone and re-adding it and
> >> when I query, I get:
> >>
> >> root at dtxxx04:~# samba-tool dns query 192.168.xxx.50 xxx.168.192.in-addr.arpa @ ALL
> >> Password for [administrator at DTxxxM.DT]:
> >> ERROR(runtime): uncaught exception - (9714, 'WERR_DNS_ERROR_NAME_DOES_NOT_EXIST')
> >>   File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py", line 176, in _run
> >>     return self.run(*args, **kwargs)
> >>   File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/dns.py", line 998, in run
> >>     None, record_type, select_flags, None, None)
> >>
> >> I found a reference in an older mailing list posting and near the
> >> end of the thread, the OP mentions that "resorted to dsupdate -g"
> >> to get it to add the reverse zone. I do not know how to dsupdate
> >> (This "dsupdate" is from memory and might be slightly incorrect
> >> about the command.)
> >>
> >> Bottom line, samba-tool cannot add the reverse entries I need.
> >>
> >> Suggestions?
> >>
> >> --
> >> _______________________________
> >>
> >> Bob Wooden of Donelson Trophy
> >
> > Try looking in the system log (syslog on debian, messages on red
> > hat)
> >
> > As for your reverse records, are you sure the reverse zone exists,
> > your command works for me.
> >
> > Rowland
>
> Well, good question. As I am unfamiliar, I think so.
>
> I tried Louis' suggestion but got the DNS_ERROR. This is the error I am
> finding a lot.
>
> Here is query and zonelist:
>
> root at dtdc03:~# samba-tool dns query dtdc03 xxx.168.192.in-addr.arpa 49 PTR
> ERROR(runtime): uncaught exception - (9714, 'WERR_DNS_ERROR_NAME_DOES_NOT_EXIST')
>   File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py", line 176, in _run
>     return self.run(*args, **kwargs)
>   File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/dns.py", line 998, in run
>     None, record_type, select_flags, None, None)
> root at dtdc03:~# samba-tool dns zonelist dtdc03
>   3 zone(s) found
>
>   pszZoneName : xxx.168.192.in-appr.arpa
>   Flags       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
>   ZoneType    : DNS_ZONE_TYPE_PRIMARY
>   Version     : 50
>   dwDpFlags   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
>   pszDpFqdn   : DomainDnsZones.dtshrm.dt
>
>   pszZoneName : dtshrm.dt
>   Flags       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
>   ZoneType    : DNS_ZONE_TYPE_PRIMARY
>   Version     : 50
>   dwDpFlags   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
>   pszDpFqdn   : DomainDnsZones.dtshrm.dt
>
>   pszZoneName : _msdcs.dtshrm.dt
>   Flags       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
>   ZoneType    : DNS_ZONE_TYPE_PRIMARY
>   Version     : 50
>   dwDpFlags   : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
>   pszDpFqdn   : ForestDnsZones.dtshrm.dt
>
> These three look correct, but I am not sure as I am not familiar with
> this detail.
>
> If it matters, I have two DC's but neither will reversedns. (Thought I
> had this working and discovered, yesterday that one DC was not working
> properly. Went through my entire setup again, on both DC's, last night
> and now cannot add reversedns to either DC.) All other dns testing
> checks out.
>
> Basically I keep being told, through log files and other, that the zone
> does not exist.
>
> At this point I am a little confused but, bottom line is I cannot add
> any reversedns zones to resolve my nslookup xxx.xxx.xxx.xxx failure
> issue to either DC. I am puzzled.
>
> What else would you like to see? log files?
>

OK, let's check if the record does exist, if I run this on a DC:

ldbsearch --cross-ncs -H /usr/local/samba/private/sam.ldb -s sub '(&(objectclass=dnsNode)(cn=180))'

I get this:

# record 1
dn: DC=180,DC=0.168.192.in-addr.arpa,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com
objectClass: top
objectClass: dnsNode
instanceType: 4
whenCreated: 20161020160412.0Z
uSNCreated: 44302
showInAdvancedViewOnly: TRUE
name: 180
objectGUID: 85c0aade-15c9-48a8-822e-5ec24df2dbf9
objectCategory: CN=Dns-Node,CN=Schema,CN=Configuration,DC=samdom,DC=example,DC
 =com
dc: 180
whenChanged: 20161104144426.0Z
dnsRecord:: IQAMAAXwAAAKAAAAAAAOEAAAAAAWnzcAHwQKZGV2c3RhdGlvbgZzYW1kb20HZXhhbX
 BsZQNjb20A
dNSTombstoned: FALSE
uSNChanged: 44985
distinguishedName: DC=180,DC=0.168.192.in-addr.arpa,CN=MicrosoftDNS,DC=DomainD
 nsZones,DC=samdom,DC=example,DC=com

So, adapt it for your setup and see if the record does exist in AD.

Rowland

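An added example, not part of the thread and not Samba's own code: a decoder for the base64 `dnsRecord` value in the ldbsearch output above, so you can see which name a PTR node found in AD actually points to. It assumes the dnsRecord attribute layout documented in MS-DNSP (24-byte header, then type-specific data); the function names are my own.

```python
import base64
import struct
from datetime import datetime, timedelta

# dnsRecord value from the ldbsearch output in the message above, with the
# folded LDIF continuation line joined back on.
SAMPLE = ("IQAMAAXwAAAKAAAAAAAOEAAAAAAWnzcAHwQKZGV2c3RhdGlvbgZzYW1kb20HZXhhbX"
          "BsZQNjb20A")
DNS_TYPE_PTR = 12


def parse_count_name(buf):
    """Decode a DNS_COUNT_NAME: total length, label count, length-prefixed labels."""
    if len(buf) < 2 or buf[0] != len(buf) - 2:
        raise ValueError("DNS_COUNT_NAME length does not match the data")
    labels, pos = [], 2
    for _ in range(buf[1]):
        n = buf[pos]
        label = buf[pos + 1:pos + 1 + n]
        if n == 0 or len(label) != n:
            raise ValueError("truncated or empty label")
        labels.append(label.decode("ascii"))
        pos += 1 + n
    return ".".join(labels)


def decode_dns_record(b64_value):
    """Return the header fields (and PTR target, if any) of one dnsRecord value."""
    raw = base64.b64decode(b64_value, validate=True)
    if len(raw) < 24:
        raise ValueError("shorter than the 24-byte record header")
    # Header fields are little-endian; the TTL alone is stored big-endian.
    data_len, rtype, version, rank, _flags, serial = struct.unpack_from("<HHBBHI", raw, 0)
    (ttl,) = struct.unpack_from(">I", raw, 12)
    _reserved, hours = struct.unpack_from("<II", raw, 16)
    data = raw[24:]
    if data_len != len(data):
        raise ValueError("data length field does not match the payload size")
    rec = {"type": rtype, "version": version, "rank": rank, "serial": serial, "ttl": ttl,
           # Timestamp is hours since 1601-01-01 UTC; 0 means a static record.
           "timestamp": datetime(1601, 1, 1) + timedelta(hours=hours) if hours else None}
    if rtype == DNS_TYPE_PTR:
        rec["ptr"] = parse_count_name(data)
    return rec


if __name__ == "__main__":
    print(decode_dns_record(SAMPLE))
```
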
On 2016-11-04 11:31, Rowland Penny via samba wrote:

> <<<<< cut >>>>>>>>
>
>> root at dtdc03:~# samba-tool dns zonelist dtdc03
>>   3 zone(s) found
>>
>>   pszZoneName : xxx.168.192.in-appr.arpa
>>   Flags       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
>>   ZoneType    : DNS_ZONE_TYPE_PRIMARY
>>   Version     : 50
>>   dwDpFlags   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
>>   pszDpFqdn   : DomainDnsZones.dtshrm.dt
>>
>>   pszZoneName : dtshrm.dt
>>   Flags       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
>>   ZoneType    : DNS_ZONE_TYPE_PRIMARY
>>   Version     : 50
>>   dwDpFlags   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
>>   pszDpFqdn   : DomainDnsZones.dtshrm.dt
>>
>>   pszZoneName : _msdcs.dtshrm.dt
>>   Flags       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
>>   ZoneType    : DNS_ZONE_TYPE_PRIMARY
>>   Version     : 50
>>   dwDpFlags   : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
>>   pszDpFqdn   : ForestDnsZones.dtshrm.dt
>>
>> These three look correct, but I am not sure as I am not familiar with
>> this detail.
>>
>> If it matters, I have two DC's but neither will reversedns. (Thought I
>> had this working and discovered, yesterday that one DC was not working
>> properly. Went through my entire setup again, on both DC's, last night
>> and now cannot add reversedns to either DC.) All other dns testing
>> checks out.
>>
>> Basically I keep being told, through log files and other, that the zone
>> does not exist.
>>
>> At this point I am a little confused but, bottom line is I cannot add
>> any reversedns zones to resolve my nslookup xxx.xxx.xxx.xxx failure
>> issue to either DC. I am puzzled.
>>
>> What else would you like to see? log files?
>
> OK, let's check if the record does exist, if I run this on a DC:
>
> ldbsearch --cross-ncs -H /usr/local/samba/private/sam.ldb -s sub '(&(objectclass=dnsNode)(cn=180))'
>
> I get this:
>
> # record 1
> dn: DC=180,DC=0.168.192.in-addr.arpa,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com
> objectClass: top
> objectClass: dnsNode
> instanceType: 4
> whenCreated: 20161020160412.0Z
> uSNCreated: 44302
> showInAdvancedViewOnly: TRUE
> name: 180
> objectGUID: 85c0aade-15c9-48a8-822e-5ec24df2dbf9
> objectCategory: CN=Dns-Node,CN=Schema,CN=Configuration,DC=samdom,DC=example,DC
>  =com
> dc: 180
> whenChanged: 20161104144426.0Z
> dnsRecord:: IQAMAAXwAAAKAAAAAAAOEAAAAAAWnzcAHwQKZGV2c3RhdGlvbgZzYW1kb20HZXhhbX
>  BsZQNjb20A
> dNSTombstoned: FALSE
> uSNChanged: 44985
> distinguishedName: DC=180,DC=0.168.192.in-addr.arpa,CN=MicrosoftDNS,DC=DomainD
>  nsZones,DC=samdom,DC=example,DC=com
>
> So, adapt it for your setup and see if the record does exist in AD.
>
> Rowland

Aha!! 0 records . . . but, doesn't the "xxx.168.192.in-addr.arpa"
represent the reverse zone?

Okay, so 0 records, now?

--
_______________________________

Bob Wooden of Donelson Trophy