there is the same problem. My setup is as follow: router (DHCP/Bind as forwarder dc1 and dc2) /etc/dhcpd.conf option domain-name-servers 192.168.30.2, 192.168.30.6; dc1 (192.168.30.2) / dc2 (192.168.30.6) are domain Controller with bind_dlz DNS, dc2 is update via axfr dc1 ist dns master and where I see the errors. client 192.168.30.175#55454: update 'samdom.example.com/IN' denied and where i have add 'allow dns updates = nonsecure' to smb.conf without solve the problem. I think the client is talk to bind directly without using samba. I have also find and try https://wiki.samba.org/index.php/Configure_DHCP_to_update_DNS_records_with_BIND9 but when I try to update the dns zone from the router on dc1 i get NOAUTH error. Am 12.04.2017 um 15:05 schrieb Rowland Penny via samba:> On Wed, 12 Apr 2017 14:42:24 +0200 > basti via samba <samba at lists.samba.org> wrote: > >> OK I have done and ad an reverse zone to my ad. >> manual added values are found now. >> Automatic updates (by client like ipconfig /renew) are still denied. >> >> > > try adding 'allow dns updates = nonsecure' to smb.conf and then restart > Samba. > > Rowland > > >
The update with the dhcp script work for now. I'm not sure if it works since I add "allow dns updates = nonsecure" or if it works after a service restart. I will test if it is useable for me. Thanks rowland for now. Am 12.04.2017 um 15:26 schrieb basti via samba:> there is the same problem. > > My setup is as follow: > > router (DHCP/Bind as forwarder dc1 and dc2) > /etc/dhcpd.conf > > option domain-name-servers 192.168.30.2, 192.168.30.6; > > dc1 (192.168.30.2) / dc2 (192.168.30.6) are domain Controller with > bind_dlz DNS, dc2 is update via axfr > > dc1 ist dns master and where I see the errors. > > client 192.168.30.175#55454: update 'samdom.example.com/IN' denied > > and where i have add 'allow dns updates = nonsecure' to smb.conf without > solve the problem. > > I think the client is talk to bind directly without using samba. > I have also find and try > https://wiki.samba.org/index.php/Configure_DHCP_to_update_DNS_records_with_BIND9 > > but when I try to update the dns zone from the router on dc1 i get > NOAUTH error. > > Am 12.04.2017 um 15:05 schrieb Rowland Penny via samba: >> On Wed, 12 Apr 2017 14:42:24 +0200 >> basti via samba <samba at lists.samba.org> wrote: >> >>> OK I have done and ad an reverse zone to my ad. >>> manual added values are found now. >>> Automatic updates (by client like ipconfig /renew) are still denied. >>> >>> >> >> try adding 'allow dns updates = nonsecure' to smb.conf and then restart >> Samba. >> >> Rowland >> >> >> >
On Wed, 12 Apr 2017 15:47:26 +0200 basti via samba <samba at lists.samba.org> wrote:> The update with the dhcp script work for now. I'm not sure if it works > since I add "allow dns updates = nonsecure" or if it works after a > service restart. > > I will test if it is useable for me. > Thanks rowland for now. >if the 'dhcp script' you refer to is the one on the Samba wiki, then you need to stop your clients from trying to update their own records, this will never work. Rowland