Hello,
Thank you very much for your reply.
I have configured bind using the dlz backend and these are the results.

named log:

Mar 15 09:39:41 neptuno named[13166]: sizing zone task pool based on 6 zones
Mar 15 09:39:41 neptuno named[13166]: Loading 'AD DNS Zone' using driver dlopen
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: started for DN DC=pragma,DC=com,DC=co
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: starting configure
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: configured writeable zone 'waspruebas.proteccion.com.co'
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: configured writeable zone 'segdllo02.suranet.com'
Mar 15 09:39:42 neptuno named[13166]: zone dbmed04.pragma.com.co/NONE: has no NS records
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: Failed to configure zone 'dbmed04.pragma.com.co'
Mar 15 09:39:42 neptuno named[13166]: loading configuration: bad zone
Mar 15 09:39:42 neptuno named[13166]: exiting (due to fatal error)

named.conf:

options {
        listen-on port 53 { 127.0.0.1; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { localhost; };
        recursion yes;
        dnssec-enable yes;
        dnssec-validation yes;
        tkey-gssapi-keytab "/usr/local/samba/private/dns.keytab";
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
        managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
include "/usr/local/samba/private/named.conf";

As you can see in the log, the zone dbmed04.pragma.com.co does not
have ns records according to the database.
I've tried deleting it with

./samba-tool dns zonedelete neptuno.pragma.com.co dbmed04.pragma.com.co

ERROR(runtime): uncaught exception - (9717, 'WERR_DNS_ERROR_DS_UNAVAILABLE')
  File "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/dns.py", line 780, in run
    raise e

Best regards,
Santiago.

2017-03-14 17:21 GMT-05:00, Rowland Penny via samba <samba at lists.samba.org>:
> On Tue, 14 Mar 2017 17:01:24 -0500
> Santiago Londoño Mejía <santiago.londono at pragma.com.co> wrote:
>
>> Hello,
>>
>> Sorry for the few details.
>>
>> rsync:
>>
>> rsync -h -a -v /usr/local/samba/var/locks/sysvol/pragma.com.co/
>> root at server2:/usr/local/samba/var/locks/sysvol/pragma.com.co/
>
> OH dear, have a look here:
>
> https://wiki.samba.org/index.php/Rsync_based_SysVol_replication_workaround
>
>>
>> first dc smb.conf:
>> [global]
>> tls verify peer = no_check
>> ldap server require strong auth = no
>> netbios name = NEPTUNO
>> realm = PRAGMA.COM.CO
>> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc,
>> drepl, winbindd, ntp_signd, kcc, dnsupdate
>> workgroup = PRAGMA
>> server role = active directory domain controller
>> # interfaces = en160 en160:0 lo
>> wins support = Yes
>> name resolve order = wins lmhosts hosts bcast
>
> 'name resolve order' on something that is running (or should be) a DNS
> server ???
>
>
>> named.conf:
>
>> zone "pragma.com.co" {
>> type master;
>> file "dynamic/pragma.com.co";
>> };
>
> AHA, you are running Bind with the totally unsupported flatfiles, this
> does not work.
>
>>
>>
>>
>> include "/etc/named.rfc1912.zones";
>> include "/etc/named.root.key";
>> //include "/usr/local/samba/private/named.conf";
>
> Uncomment the above line, you need it.
>
> Can I suggest you read about DNS on the samba wiki:
>
> https://wiki.samba.org/index.php/Setting_up_a_BIND_DNS_Server
>
>
On Wed, 15 Mar 2017 10:03:59 -0500
Santiago Londoño Mejía <santiago.londono at pragma.com.co> wrote:

> Hello,
> Thank you very much for your reply.
> I have configured bind using the dlz backend and these are the
> results.
>
> named log:
>
> Mar 15 09:39:41 neptuno named[13166]: sizing zone task pool based on 6 zones
> Mar 15 09:39:41 neptuno named[13166]: Loading 'AD DNS Zone' using driver dlopen
> Mar 15 09:39:42 neptuno named[13166]: samba_dlz: started for DN DC=pragma,DC=com,DC=co
> Mar 15 09:39:42 neptuno named[13166]: samba_dlz: starting configure
> Mar 15 09:39:42 neptuno named[13166]: samba_dlz: configured writeable zone 'waspruebas.proteccion.com.co'
> Mar 15 09:39:42 neptuno named[13166]: samba_dlz: configured writeable zone 'segdllo02.suranet.com'
> Mar 15 09:39:42 neptuno named[13166]: zone dbmed04.pragma.com.co/NONE: has no NS records
> Mar 15 09:39:42 neptuno named[13166]: samba_dlz: Failed to configure zone 'dbmed04.pragma.com.co'
> Mar 15 09:39:42 neptuno named[13166]: loading configuration: bad zone
> Mar 15 09:39:42 neptuno named[13166]: exiting (due to fatal error)
>

You should only have the zone records for 'pragma.com.co' in AD and
Bind must be running on the DC.

I use Devuan and the Bind files are split into four files, these are
the files I have basically been using for the last 5 years without
problem:

cat /etc/bind/named.conf

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";

cat /etc/bind/named.conf.options

options {
        directory "/var/cache/bind";
        version "0.0.7";
        notify no;
        empty-zones-enable no;
        allow-query { 127.0.0.1; 192.168.0.0/24; };
        allow-recursion { 192.168.0.0/24; 127.0.0.1/32; };
        forwarders { 8.8.8.8; };
        allow-transfer { none; };
        dnssec-validation no;
        dnssec-enable no;

        listen-on-v6 { none; };
        listen-on port 53 { 192.168.0.2; 127.0.0.1; };
        tkey-gssapi-keytab "/usr/local/samba/private/dns.keytab";
};

cat /etc/bind/named.conf.local

include "/usr/local/samba/private/named.conf";

cat /etc/bind/named.conf.default-zones

// prime the server with knowledge of the root servers
zone "." {
        type hint;
        file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
        type master;
        file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
};

> As you can see in the log, the zone dbmed04.pragma.com.co does not
> have ns records according to the database.

Hang on a minute, you posted that this is the smb.conf on your DC:

realm = PRAGMA.COM.CO

Your realm must be the same as your DNS domain, so where does
'dbmed04.pragma.com.co' come from ??

Try the command like this:

samba-tool dns zonedelete neptuno.pragma.com.co waspruebas.proteccion.com.co -U Administrator

(just in case it has spilt over two lines, the above should be on one
line)

If that works, remove the other spurious domain and then try
'samba_upgradedns --dns-backend=BIND9_DLZ'

finally delete the last wrong zone 'dbmed04.pragma.com.co'

Rowland

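Added example, not part of the thread and not Samba or BIND code: a small triage of the named startup log discussed above, listing the zones samba_dlz loaded, the zone that made named exit with the reason named logged for it, and the zones that lie outside the AD DNS domain derived from the "started for DN" line. The function names and the report layout are assumptions made for this illustration, and the sample log is constructed from the entries quoted in the thread.

```python
import re

# Constructed sample: entries from the named log quoted in this thread, with
# the e-mail line wrapping undone so each syslog entry sits on one line.
SAMPLE_LOG = """\
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: started for DN DC=pragma,DC=com,DC=co
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: configured writeable zone 'waspruebas.proteccion.com.co'
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: configured writeable zone 'segdllo02.suranet.com'
Mar 15 09:39:42 neptuno named[13166]: zone dbmed04.pragma.com.co/NONE: has no NS records
Mar 15 09:39:42 neptuno named[13166]: samba_dlz: Failed to configure zone 'dbmed04.pragma.com.co'
Mar 15 09:39:42 neptuno named[13166]: exiting (due to fatal error)
"""

DN_RE = re.compile(r"samba_dlz: started for DN (\S+)")
OK_RE = re.compile(r"samba_dlz: configured writeable zone '([^']+)'")
FAIL_RE = re.compile(r"samba_dlz: Failed to configure zone '([^']+)'")
REASON_RE = re.compile(r"named\[\d+\]: zone ([^/\s]+)/\S+: (.+)$")

def dn_to_domain(dn):
    """Turn 'DC=pragma,DC=com,DC=co' into 'pragma.com.co'."""
    labels = [p.split("=", 1)[1] for p in dn.split(",") if p.upper().startswith("DC=")]
    return ".".join(labels).lower()

def triage(log_text):
    """Summarise which AD zones samba_dlz loaded, which failed, and why."""
    report = {"domain": None, "configured": [], "failed": {}, "outside_domain": []}
    reasons = {}  # zone -> last error named logged for that zone
    for line in log_text.splitlines():
        m = DN_RE.search(line)
        if m:
            report["domain"] = dn_to_domain(m.group(1))
        m = OK_RE.search(line)
        if m:
            report["configured"].append(m.group(1).lower())
        m = REASON_RE.search(line)
        if m:
            reasons[m.group(1).lower()] = m.group(2).strip()
        m = FAIL_RE.search(line)
        if m:
            zone = m.group(1).lower()
            report["failed"][zone] = reasons.get(zone, "unknown")
    domain = report["domain"]
    for zone in report["configured"] + list(report["failed"]):
        inside = domain and (zone == domain or zone.endswith("." + domain))
        # Assumption: reverse zones (*.arpa) are legitimate and not flagged.
        if not inside and not zone.endswith(".arpa"):
            report["outside_domain"].append(zone)
    return report
```

Calling `triage(SAMPLE_LOG)` returns the report as a dictionary; a failed zone inside the domain, such as 'dbmed04.pragma.com.co' here, shows up under "failed" rather than "outside_domain".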
Hello,
Thank you for the answer.
I tried to remove the zone waspruebas.proteccion.com.co with the following result:

ERROR(runtime): uncaught exception - (9717, 'WERR_DNS_ERROR_DS_UNAVAILABLE')
  File "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/__init__.py", line 176, in _run
    return self.run(*args, **kwargs)
  File "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/dns.py", line 780, in run
    raise e

Best regards.
Santiago Londoño Mejía