Sorry, the real e-mail is this:
[root at pc ~]# systemctl status named.service
● named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor
preset: disabled)
Active: active (running) since Mon 2018-06-11 08:54:10 AST; 12min ago
Process: 1276 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS
(code=exited, status=0/SUCCESS)
Process: 1073 ExecStartPre=/bin/bash -c if [ !
"$DISABLE_ZONE_CHECKING" == "yes" ]; then
/usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of
zone files is disabled"; fi (code=exited, status=0/SUCCESS)
Main PID: 1278 (named)
CGroup: /system.slice/named.service
└─1278 /usr/sbin/named -u named -c /etc/named.conf -4
Jun 11 09:06:19 pc named[1278]: samba_dlz: starting transaction on zone
domain.local
Jun 11 09:06:19 pc named[1278]: client 172.20.1.95#62351: update
'domain.local/IN' denied
Jun 11 09:06:19 pc named[1278]: samba_dlz: cancelling transaction on zone
domain.local
Jun 11 09:06:19 pc named[1278]: samba_dlz: starting transaction on zone
domain.local
Jun 11 09:06:19 pc named[1278]: samba_dlz: disallowing update of
signer=ADMISIONES1\$\@domain.LOCAL name=ADMISIONES1.domain.local ty...s rights
Jun 11 09:06:19 pc named[1278]: client 172.20.1.95#51971/key
ADMISIONES1\$\@domain.LOCAL: updating zone 'domain.local/NONE': update
...REFUSED)
Jun 11 09:06:19 pc named[1278]: samba_dlz: cancelling transaction on zone
domain.local
Jun 11 09:06:45 pc named[1278]: samba_dlz: starting transaction on zone
domain.local
Jun 11 09:06:45 pc named[1278]: client 172.20.2.23#56645: update
'domain.local/IN' denied
Jun 11 09:06:45 pc named[1278]: samba_dlz: cancelling transaction on zone
domain.local
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
El lunes, 11 de junio de 2018 9:16:55 a. m. GMT-4, Fermin Francisco
<abcddo at yahoo.com> escribió:
Good morning!
After I changed some permissions and owners of some files where Rowland told me,
I have the next escenary:
[root at proxy ~]# systemctl status named.service
● named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor
preset: disabled)
Active: active (running) since Mon 2018-06-11 08:54:10 AST; 12min ago
Process: 1276 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS
(code=exited, status=0/SUCCESS)
Process: 1073 ExecStartPre=/bin/bash -c if [ !
"$DISABLE_ZONE_CHECKING" == "yes" ]; then
/usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of
zone files is disabled"; fi (code=exited, status=0/SUCCESS)
Main PID: 1278 (named)
CGroup: /system.slice/named.service
└─1278 /usr/sbin/named -u named -c /etc/named.conf -4
Jun 11 09:06:19 proxy named[1278]: samba_dlz: starting transaction on zone
gmu.local
Jun 11 09:06:19 proxy named[1278]: client 172.20.1.95#62351: update
'gmu.local/IN' denied
Jun 11 09:06:19 proxy named[1278]: samba_dlz: cancelling transaction on zone
gmu.local
Jun 11 09:06:19 proxy named[1278]: samba_dlz: starting transaction on zone
gmu.local
Jun 11 09:06:19 proxy named[1278]: samba_dlz: disallowing update of
signer=ADMISIONES1\$\@GMU.LOCAL name=ADMISIONES1.gmu.local ty...insuficient
access rights
Jun 11 09:06:19 proxy named[1278]: client 172.20.1.95#51971/key
ADMISIONES1\$\@GMU.LOCAL: updating zone 'gmu.local/NONE': update
...REFUSED)
Jun 11 09:06:19 proxy named[1278]: samba_dlz: cancelling transaction on zone
gmu.local
Jun 11 09:06:45 proxy named[1278]: samba_dlz: starting transaction on zone
gmu.local
Jun 11 09:06:45 proxy named[1278]: client 172.20.2.23#56645: update
'gmu.local/IN' denied
Jun 11 09:06:45 proxy named[1278]: samba_dlz: cancelling transaction on zone
gmu.local
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
El sábado, 9 de junio de 2018 7:53:21 p. m. GMT-4, Fermin Francisco
<abcddo at yahoo.com> escribió:
Good Afternoon!
I had thinking that maybe is a permissions problem.
Then, here the files permissions:
[root at pc ~]# ls -l /etc/resolv.conf
-rw-r--r--. 1 root root 78 Jun 7 17:32
/etc/resolv.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/hosts
-rw-r--r--. 1 root root 193 Dec 4 2017 /etc/hosts
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/hostname
-rw-r--r--. 1 root root 6 Mar 15 2017 /etc/hostname
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/krb5.conf
-rw-r--r-- 1 root named 275 Jun 7 21:14
/etc/krb5.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/named.conf
-rw-r----- 1 named named 673 Jun 9 13:00 /etc/named.conf
-----------------------------------------------------------------------------
[root at pc ~]# ls -l /usr/local/samba/etc/smb.conf
-rw-r--r--. 1 root root 481 Jun 9 07:50
/usr/local/samba/etc/smb.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /usr/local/samba/private/named.conf
-rwx------. 1 named named 738 Jun 9 13:17
/usr/local/samba/private/named.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /var/named/
total 7276drwxr-x--- 7 root named 4096 Jun 6 17:01 chroot
drwxr-x--- 7 root named 4096 Jun 6 17:01 chroot_sdb
-rw------- 1 named named 59031552 Jun 9 13:17 core.2775
drwxrwx---. 2 named named 4096 Apr 12 14:48 data
-rw------- 1 named named 4619 Jun 9 16:41 _default.tsigkeys
drwxrwx---. 2 named named 4096 Jun 9 10:00 dynamic
drwxrwx---. 2 root named 4096 Aug 23 2017 dyndb-ldap
-rw-r----- 1 root named 2281 May 22 2017 named.ca
-rw-r----- 1 root named 152 Dec 15 2009 named.empty
-rw-r----- 1 root named 152 Jun 21 2007 named.localhost
-rw-r----- 1 root named 168 Dec 15 2009 named.loopback
drwxrwx--- 2 named named 4096 Apr 12 14:48 slaves
-rw------- 1 named named 0 Jun 6 16:53 tmp-NCmwqgdbNj
-rw------- 1 named named 0 Jun 6 14:29 tmp-zUOntofvPk
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/sysconfig/selinux
lrwxrwxrwx. 1 root root 17 Mar 15 2017 /etc/sysconfig/selinux ->
../selinux/config
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/init.d/samba4
-rwxr-xr-x. 1 root root 1150 Mar 15 2017 /etc/init.d/samba4
------------------------------------------------------------------------------
[root at pc ~]# ls -l /usr/local/samba/private/dns.keytab
-rwx------. 1 root named 707 Mar 15 2017 /usr/local/samba/private/dns.keytab
------------------------------------------------------------------------------
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
El sábado, 9 de junio de 2018 7:13:24 p. m. AST, Fermin Francisco <abcddo
at yahoo.com> escribió:
Good Afternoon!
I had thinking that maybe is a permissions problem.
Then, here the files permissions:
[root at pc ~]# ls -l /etc/resolv.conf-rw-r--r--. 1 root root 78 Jun 7 17:32
/etc/resolv.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/hosts-rw-r--r--. 1 root root 193 Dec 4 2017
/etc/hosts
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/hostname-rw-r--r--. 1 root root 6 Mar 15 2017
/etc/hostname
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/krb5.conf-rw-r--r-- 1 root named 275 Jun 7 21:14
/etc/krb5.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/named.conf-rw-r----- 1 named named 673 Jun 9 13:00
/etc/named.conf
[root at pc ~]# ls -l /usr/local/samba/etc/smb.conf-rw-r--r--. 1 root root 481
Jun 9 07:50
/usr/local/samba/etc/smb.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /usr/local/samba/private/named.conf-rwx------. 1 named
named 738 Jun 9 13:17
/usr/local/samba/private/named.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /var/named/total 7276drwxr-x--- 7 root named 4096
Jun 6 17:01 chrootdrwxr-x--- 7 root named 4096 Jun 6 17:01
chroot_sdb-rw------- 1 named named 59031552 Jun 9 13:17 core.2775drwxrwx---. 2
named named 4096 Apr 12 14:48 data-rw------- 1 named named 4619 Jun 9
16:41 _default.tsigkeysdrwxrwx---. 2 named named 4096 Jun 9 10:00
dynamicdrwxrwx---. 2 root named 4096 Aug 23 2017 dyndb-ldap-rw-r----- 1
root named 2281 May 22 2017 named.ca-rw-r----- 1 root named 152 Dec
15 2009 named.empty-rw-r----- 1 root named 152 Jun 21 2007
named.localhost-rw-r----- 1 root named 168 Dec 15 2009
named.loopbackdrwxrwx--- 2 named named 4096 Apr 12 14:48 slaves-rw-------
1 named named 0 Jun 6 16:53 tmp-NCmwqgdbNj-rw------- 1 named named
0 Jun 6 14:29 tmp-zUOntofvPk
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/sysconfig/selinuxlrwxrwxrwx. 1 root root 17 Mar 15
2017 /etc/sysconfig/selinux -> ../selinux/config
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/init.d/samba4-rwxr-xr-x. 1 root root 1150 Mar 15
2017 /etc/init.d/samba4
------------------------------------------------------------------------------
[root at pc ~]# ls -l /usr/local/samba/private/dns.keytab-rwx------. 1 root
named 707 Mar 15 2017 /usr/local/samba/private/dns.keytab
------------------------------------------------------------------------------
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
El sábado, 9 de junio de 2018 2:15:50 p. m. AST, Dr. Hansjörg Maurer
<hansjoerg.maurer at itsd.de> escribió:
Hi
can you post your /etc/krb5.conf
Regards
Hansjörg
--
Dr. Hansjörg Maurer
itsystems Deutschland AG
Erzgießereistr. 22
80335 München
Tel: +49-89-52 04 68-41
Fax: +49-89-52 04 68-59
E-Mail: hansjoerg.maurer at itsd.de
Web: http://www.itsd.de
Amtsgericht München HRB 132146
USt-IdNr. DE 812991301
Steuer-Nr. 143/100/81575
Aufsichtsratsvorsitzender:
Stefan Adam
Vorstand:
Dr. Michael Krocka
Dr. Hansjörg Maurer
----------------------------
Unser System ist mit einem Mailverschluesselungs-Gateway ausgestattet. Wenn Sie
moechten, dass an Sie gerichtete E-Mails verschluesselt werden, senden Sie
einfach eine S/MIME-signierte E-Mail oder Ihren PGP Public Key an
hansjoerg.maurer at itsd.de.
Our system is equipped with an email encryption gateway. If you want email sent
to you to be encrypted please send a S/MIME signed email or your PGP public key
to hansjoerg.maurer at itsd.de.
I forgot to say that I updated Centos from 7.4 to 7.5, and I updated samba4 to
the new version.
This Would be a problem of records of something like that.
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
El lunes, 11 de junio de 2018 9:45:03 a. m. GMT-4, Fermin Francisco
<abcddo at yahoo.com> escribió:
Sorry, the real e-mail is this:
[root at pc ~]# systemctl status named.service
● named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor
preset: disabled)
Active: active (running) since Mon 2018-06-11 08:54:10 AST; 12min ago
Process: 1276 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS
(code=exited, status=0/SUCCESS)
Process: 1073 ExecStartPre=/bin/bash -c if [ !
"$DISABLE_ZONE_CHECKING" == "yes" ]; then
/usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of
zone files is disabled"; fi (code=exited, status=0/SUCCESS)
Main PID: 1278 (named)
CGroup: /system.slice/named.service
└─1278 /usr/sbin/named -u named -c /etc/named.conf -4
Jun 11 09:06:19 pc named[1278]: samba_dlz: starting transaction on zone
domain.local
Jun 11 09:06:19 pc named[1278]: client 172.20.1.95#62351: update
'domain.local/IN' denied
Jun 11 09:06:19 pc named[1278]: samba_dlz: cancelling transaction on zone
domain.local
Jun 11 09:06:19 pc named[1278]: samba_dlz: starting transaction on zone
domain.local
Jun 11 09:06:19 pc named[1278]: samba_dlz: disallowing update of
signer=ADMISIONES1\$\@domain.LOCAL name=ADMISIONES1.domain.local ty...s rights
Jun 11 09:06:19 pc named[1278]: client 172.20.1.95#51971/key
ADMISIONES1\$\@domain.LOCAL: updating zone 'domain.local/NONE': update
...REFUSED)
Jun 11 09:06:19 pc named[1278]: samba_dlz: cancelling transaction on zone
domain.local
Jun 11 09:06:45 pc named[1278]: samba_dlz: starting transaction on zone
domain.local
Jun 11 09:06:45 pc named[1278]: client 172.20.2.23#56645: update
'domain.local/IN' denied
Jun 11 09:06:45 pc named[1278]: samba_dlz: cancelling transaction on zone
domain.local
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
El lunes, 11 de junio de 2018 9:16:55 a. m. GMT-4, Fermin Francisco
<abcddo at yahoo.com> escribió:
Good morning!
After I changed some permissions and owners of some files where Rowland told me,
I have the next escenary:
[root at proxy ~]# systemctl status named.service
● named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor
preset: disabled)
Active: active (running) since Mon 2018-06-11 08:54:10 AST; 12min ago
Process: 1276 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS
(code=exited, status=0/SUCCESS)
Process: 1073 ExecStartPre=/bin/bash -c if [ !
"$DISABLE_ZONE_CHECKING" == "yes" ]; then
/usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of
zone files is disabled"; fi (code=exited, status=0/SUCCESS)
Main PID: 1278 (named)
CGroup: /system.slice/named.service
└─1278 /usr/sbin/named -u named -c /etc/named.conf -4
Jun 11 09:06:19 proxy named[1278]: samba_dlz: starting transaction on zone
gmu.local
Jun 11 09:06:19 proxy named[1278]: client 172.20.1.95#62351: update
'gmu.local/IN' denied
Jun 11 09:06:19 proxy named[1278]: samba_dlz: cancelling transaction on zone
gmu.local
Jun 11 09:06:19 proxy named[1278]: samba_dlz: starting transaction on zone
gmu.local
Jun 11 09:06:19 proxy named[1278]: samba_dlz: disallowing update of
signer=ADMISIONES1\$\@GMU.LOCAL name=ADMISIONES1.gmu.local ty...insuficient
access rights
Jun 11 09:06:19 proxy named[1278]: client 172.20.1.95#51971/key
ADMISIONES1\$\@GMU.LOCAL: updating zone 'gmu.local/NONE': update
...REFUSED)
Jun 11 09:06:19 proxy named[1278]: samba_dlz: cancelling transaction on zone
gmu.local
Jun 11 09:06:45 proxy named[1278]: samba_dlz: starting transaction on zone
gmu.local
Jun 11 09:06:45 proxy named[1278]: client 172.20.2.23#56645: update
'gmu.local/IN' denied
Jun 11 09:06:45 proxy named[1278]: samba_dlz: cancelling transaction on zone
gmu.local
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
El sábado, 9 de junio de 2018 7:53:21 p. m. GMT-4, Fermin Francisco
<abcddo at yahoo.com> escribió:
Good Afternoon!
I had thinking that maybe is a permissions problem.
Then, here the files permissions:
[root at pc ~]# ls -l /etc/resolv.conf
-rw-r--r--. 1 root root 78 Jun 7 17:32
/etc/resolv.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/hosts
-rw-r--r--. 1 root root 193 Dec 4 2017 /etc/hosts
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/hostname
-rw-r--r--. 1 root root 6 Mar 15 2017 /etc/hostname
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/krb5.conf
-rw-r--r-- 1 root named 275 Jun 7 21:14
/etc/krb5.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/named.conf
-rw-r----- 1 named named 673 Jun 9 13:00 /etc/named.conf
-----------------------------------------------------------------------------
[root at pc ~]# ls -l /usr/local/samba/etc/smb.conf
-rw-r--r--. 1 root root 481 Jun 9 07:50
/usr/local/samba/etc/smb.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /usr/local/samba/private/named.conf
-rwx------. 1 named named 738 Jun 9 13:17
/usr/local/samba/private/named.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /var/named/
total 7276drwxr-x--- 7 root named 4096 Jun 6 17:01 chroot
drwxr-x--- 7 root named 4096 Jun 6 17:01 chroot_sdb
-rw------- 1 named named 59031552 Jun 9 13:17 core.2775
drwxrwx---. 2 named named 4096 Apr 12 14:48 data
-rw------- 1 named named 4619 Jun 9 16:41 _default.tsigkeys
drwxrwx---. 2 named named 4096 Jun 9 10:00 dynamic
drwxrwx---. 2 root named 4096 Aug 23 2017 dyndb-ldap
-rw-r----- 1 root named 2281 May 22 2017 named.ca
-rw-r----- 1 root named 152 Dec 15 2009 named.empty
-rw-r----- 1 root named 152 Jun 21 2007 named.localhost
-rw-r----- 1 root named 168 Dec 15 2009 named.loopback
drwxrwx--- 2 named named 4096 Apr 12 14:48 slaves
-rw------- 1 named named 0 Jun 6 16:53 tmp-NCmwqgdbNj
-rw------- 1 named named 0 Jun 6 14:29 tmp-zUOntofvPk
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/sysconfig/selinux
lrwxrwxrwx. 1 root root 17 Mar 15 2017 /etc/sysconfig/selinux ->
../selinux/config
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/init.d/samba4
-rwxr-xr-x. 1 root root 1150 Mar 15 2017 /etc/init.d/samba4
------------------------------------------------------------------------------
[root at pc ~]# ls -l /usr/local/samba/private/dns.keytab
-rwx------. 1 root named 707 Mar 15 2017 /usr/local/samba/private/dns.keytab
------------------------------------------------------------------------------
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
El sábado, 9 de junio de 2018 7:13:24 p. m. AST, Fermin Francisco <abcddo
at yahoo.com> escribió:
Good Afternoon!
I had thinking that maybe is a permissions problem.
Then, here the files permissions:
[root at pc ~]# ls -l /etc/resolv.conf-rw-r--r--. 1 root root 78 Jun 7 17:32
/etc/resolv.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/hosts-rw-r--r--. 1 root root 193 Dec 4 2017
/etc/hosts
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/hostname-rw-r--r--. 1 root root 6 Mar 15 2017
/etc/hostname
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/krb5.conf-rw-r--r-- 1 root named 275 Jun 7 21:14
/etc/krb5.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/named.conf-rw-r----- 1 named named 673 Jun 9 13:00
/etc/named.conf
[root at pc ~]# ls -l /usr/local/samba/etc/smb.conf-rw-r--r--. 1 root root 481
Jun 9 07:50
/usr/local/samba/etc/smb.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /usr/local/samba/private/named.conf-rwx------. 1 named
named 738 Jun 9 13:17
/usr/local/samba/private/named.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /var/named/total 7276drwxr-x--- 7 root named 4096
Jun 6 17:01 chrootdrwxr-x--- 7 root named 4096 Jun 6 17:01
chroot_sdb-rw------- 1 named named 59031552 Jun 9 13:17 core.2775drwxrwx---. 2
named named 4096 Apr 12 14:48 data-rw------- 1 named named 4619 Jun 9
16:41 _default.tsigkeysdrwxrwx---. 2 named named 4096 Jun 9 10:00
dynamicdrwxrwx---. 2 root named 4096 Aug 23 2017 dyndb-ldap-rw-r----- 1
root named 2281 May 22 2017 named.ca-rw-r----- 1 root named 152 Dec
15 2009 named.empty-rw-r----- 1 root named 152 Jun 21 2007
named.localhost-rw-r----- 1 root named 168 Dec 15 2009
named.loopbackdrwxrwx--- 2 named named 4096 Apr 12 14:48 slaves-rw-------
1 named named 0 Jun 6 16:53 tmp-NCmwqgdbNj-rw------- 1 named named
0 Jun 6 14:29 tmp-zUOntofvPk
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/sysconfig/selinuxlrwxrwxrwx. 1 root root 17 Mar 15
2017 /etc/sysconfig/selinux -> ../selinux/config
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/init.d/samba4-rwxr-xr-x. 1 root root 1150 Mar 15
2017 /etc/init.d/samba4
------------------------------------------------------------------------------
[root at pc ~]# ls -l /usr/local/samba/private/dns.keytab-rwx------. 1 root
named 707 Mar 15 2017 /usr/local/samba/private/dns.keytab
------------------------------------------------------------------------------
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
El sábado, 9 de junio de 2018 2:15:50 p. m. AST, Dr. Hansjörg Maurer
<hansjoerg.maurer at itsd.de> escribió:
Hi
can you post your /etc/krb5.conf
Regards
Hansjörg
--
Dr. Hansjörg Maurer
itsystems Deutschland AG
Erzgießereistr. 22
80335 München
Tel: +49-89-52 04 68-41
Fax: +49-89-52 04 68-59
E-Mail: hansjoerg.maurer at itsd.de
Web: http://www.itsd.de
Amtsgericht München HRB 132146
USt-IdNr. DE 812991301
Steuer-Nr. 143/100/81575
Aufsichtsratsvorsitzender:
Stefan Adam
Vorstand:
Dr. Michael Krocka
Dr. Hansjörg Maurer
----------------------------
Unser System ist mit einem Mailverschluesselungs-Gateway ausgestattet. Wenn Sie
moechten, dass an Sie gerichtete E-Mails verschluesselt werden, senden Sie
einfach eine S/MIME-signierte E-Mail oder Ihren PGP Public Key an
hansjoerg.maurer at itsd.de.
Our system is equipped with an email encryption gateway. If you want email sent
to you to be encrypted please send a S/MIME signed email or your PGP public key
to hansjoerg.maurer at itsd.de.
Good evening!
I must tell you that I found the solution to the problem I had in relation to
the servicenamed I installed Centos 7.5 in a virtual machine and then I
configured Samba4.
Everything worked great in the virtual machine, and then I checked the
permissions to the files and folders in that virtual machine against the same
files and folders on the real PC. Then I found that inside the folder/ usr /
local / samba / private / most of the files had very different permissions than
the files that I had just installed in the virtual machine, so I modified the
filesand folders to be equal to the installation in the virtual machine.
After it finished restart the named service and everything worked as expected.
So in the end it was all a problem of permits.
Thanks everyone for your help!
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
El lunes, 11 de junio de 2018 1:53:53 p. m. AST, Fermin Francisco <abcddo
at yahoo.com> escribió:
I forgot to say that I updated Centos from 7.4 to 7.5, and I updated samba4 to
the new version.
This Would be a problem of records of something like that.
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
El lunes, 11 de junio de 2018 9:45:03 a. m. GMT-4, Fermin Francisco
<abcddo at yahoo.com> escribió:
Sorry, the real e-mail is this:
[root at pc ~]# systemctl status named.service
● named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor
preset: disabled)
Active: active (running) since Mon 2018-06-11 08:54:10 AST; 12min ago
Process: 1276 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS
(code=exited, status=0/SUCCESS)
Process: 1073 ExecStartPre=/bin/bash -c if [ !
"$DISABLE_ZONE_CHECKING" == "yes" ]; then
/usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of
zone files is disabled"; fi (code=exited, status=0/SUCCESS)
Main PID: 1278 (named)
CGroup: /system.slice/named.service
└─1278 /usr/sbin/named -u named -c /etc/named.conf -4
Jun 11 09:06:19 pc named[1278]: samba_dlz: starting transaction on zone
domain.local
Jun 11 09:06:19 pc named[1278]: client 172.20.1.95#62351: update
'domain.local/IN' denied
Jun 11 09:06:19 pc named[1278]: samba_dlz: cancelling transaction on zone
domain.local
Jun 11 09:06:19 pc named[1278]: samba_dlz: starting transaction on zone
domain.local
Jun 11 09:06:19 pc named[1278]: samba_dlz: disallowing update of
signer=ADMISIONES1\$\@domain.LOCAL name=ADMISIONES1.domain.local ty...s rights
Jun 11 09:06:19 pc named[1278]: client 172.20.1.95#51971/key
ADMISIONES1\$\@domain.LOCAL: updating zone 'domain.local/NONE': update
...REFUSED)
Jun 11 09:06:19 pc named[1278]: samba_dlz: cancelling transaction on zone
domain.local
Jun 11 09:06:45 pc named[1278]: samba_dlz: starting transaction on zone
domain.local
Jun 11 09:06:45 pc named[1278]: client 172.20.2.23#56645: update
'domain.local/IN' denied
Jun 11 09:06:45 pc named[1278]: samba_dlz: cancelling transaction on zone
domain.local
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
El lunes, 11 de junio de 2018 9:16:55 a. m. GMT-4, Fermin Francisco
<abcddo at yahoo.com> escribió:
Good morning!
After I changed some permissions and owners of some files where Rowland told me,
I have the next escenary:
[root at proxy ~]# systemctl status named.service
● named.service - Berkeley Internet Name Domain (DNS)
Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor
preset: disabled)
Active: active (running) since Mon 2018-06-11 08:54:10 AST; 12min ago
Process: 1276 ExecStart=/usr/sbin/named -u named -c ${NAMEDCONF} $OPTIONS
(code=exited, status=0/SUCCESS)
Process: 1073 ExecStartPre=/bin/bash -c if [ !
"$DISABLE_ZONE_CHECKING" == "yes" ]; then
/usr/sbin/named-checkconf -z "$NAMEDCONF"; else echo "Checking of
zone files is disabled"; fi (code=exited, status=0/SUCCESS)
Main PID: 1278 (named)
CGroup: /system.slice/named.service
└─1278 /usr/sbin/named -u named -c /etc/named.conf -4
Jun 11 09:06:19 proxy named[1278]: samba_dlz: starting transaction on zone
gmu.local
Jun 11 09:06:19 proxy named[1278]: client 172.20.1.95#62351: update
'gmu.local/IN' denied
Jun 11 09:06:19 proxy named[1278]: samba_dlz: cancelling transaction on zone
gmu.local
Jun 11 09:06:19 proxy named[1278]: samba_dlz: starting transaction on zone
gmu.local
Jun 11 09:06:19 proxy named[1278]: samba_dlz: disallowing update of
signer=ADMISIONES1\$\@GMU.LOCAL name=ADMISIONES1.gmu.local ty...insuficient
access rights
Jun 11 09:06:19 proxy named[1278]: client 172.20.1.95#51971/key
ADMISIONES1\$\@GMU.LOCAL: updating zone 'gmu.local/NONE': update
...REFUSED)
Jun 11 09:06:19 proxy named[1278]: samba_dlz: cancelling transaction on zone
gmu.local
Jun 11 09:06:45 proxy named[1278]: samba_dlz: starting transaction on zone
gmu.local
Jun 11 09:06:45 proxy named[1278]: client 172.20.2.23#56645: update
'gmu.local/IN' denied
Jun 11 09:06:45 proxy named[1278]: samba_dlz: cancelling transaction on zone
gmu.local
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
El sábado, 9 de junio de 2018 7:53:21 p. m. GMT-4, Fermin Francisco
<abcddo at yahoo.com> escribió:
Good Afternoon!
I had thinking that maybe is a permissions problem.
Then, here the files permissions:
[root at pc ~]# ls -l /etc/resolv.conf
-rw-r--r--. 1 root root 78 Jun 7 17:32
/etc/resolv.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/hosts
-rw-r--r--. 1 root root 193 Dec 4 2017 /etc/hosts
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/hostname
-rw-r--r--. 1 root root 6 Mar 15 2017 /etc/hostname
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/krb5.conf
-rw-r--r-- 1 root named 275 Jun 7 21:14
/etc/krb5.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/named.conf
-rw-r----- 1 named named 673 Jun 9 13:00 /etc/named.conf
-----------------------------------------------------------------------------
[root at pc ~]# ls -l /usr/local/samba/etc/smb.conf
-rw-r--r--. 1 root root 481 Jun 9 07:50
/usr/local/samba/etc/smb.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /usr/local/samba/private/named.conf
-rwx------. 1 named named 738 Jun 9 13:17
/usr/local/samba/private/named.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /var/named/
total 7276drwxr-x--- 7 root named 4096 Jun 6 17:01 chroot
drwxr-x--- 7 root named 4096 Jun 6 17:01 chroot_sdb
-rw------- 1 named named 59031552 Jun 9 13:17 core.2775
drwxrwx---. 2 named named 4096 Apr 12 14:48 data
-rw------- 1 named named 4619 Jun 9 16:41 _default.tsigkeys
drwxrwx---. 2 named named 4096 Jun 9 10:00 dynamic
drwxrwx---. 2 root named 4096 Aug 23 2017 dyndb-ldap
-rw-r----- 1 root named 2281 May 22 2017 named.ca
-rw-r----- 1 root named 152 Dec 15 2009 named.empty
-rw-r----- 1 root named 152 Jun 21 2007 named.localhost
-rw-r----- 1 root named 168 Dec 15 2009 named.loopback
drwxrwx--- 2 named named 4096 Apr 12 14:48 slaves
-rw------- 1 named named 0 Jun 6 16:53 tmp-NCmwqgdbNj
-rw------- 1 named named 0 Jun 6 14:29 tmp-zUOntofvPk
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/sysconfig/selinux
lrwxrwxrwx. 1 root root 17 Mar 15 2017 /etc/sysconfig/selinux ->
../selinux/config
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/init.d/samba4
-rwxr-xr-x. 1 root root 1150 Mar 15 2017 /etc/init.d/samba4
------------------------------------------------------------------------------
[root at pc ~]# ls -l /usr/local/samba/private/dns.keytab
-rwx------. 1 root named 707 Mar 15 2017 /usr/local/samba/private/dns.keytab
------------------------------------------------------------------------------
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
El sábado, 9 de junio de 2018 7:13:24 p. m. AST, Fermin Francisco <abcddo
at yahoo.com> escribió:
Good Afternoon!
I had thinking that maybe is a permissions problem.
Then, here the files permissions:
[root at pc ~]# ls -l /etc/resolv.conf-rw-r--r--. 1 root root 78 Jun 7 17:32
/etc/resolv.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/hosts-rw-r--r--. 1 root root 193 Dec 4 2017
/etc/hosts
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/hostname-rw-r--r--. 1 root root 6 Mar 15 2017
/etc/hostname
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/krb5.conf-rw-r--r-- 1 root named 275 Jun 7 21:14
/etc/krb5.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/named.conf-rw-r----- 1 named named 673 Jun 9 13:00
/etc/named.conf
[root at pc ~]# ls -l /usr/local/samba/etc/smb.conf-rw-r--r--. 1 root root 481
Jun 9 07:50
/usr/local/samba/etc/smb.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /usr/local/samba/private/named.conf-rwx------. 1 named
named 738 Jun 9 13:17
/usr/local/samba/private/named.conf------------------------------------------------------------------------------
[root at pc ~]# ls -l /var/named/total 7276drwxr-x--- 7 root named 4096
Jun 6 17:01 chrootdrwxr-x--- 7 root named 4096 Jun 6 17:01
chroot_sdb-rw------- 1 named named 59031552 Jun 9 13:17 core.2775drwxrwx---. 2
named named 4096 Apr 12 14:48 data-rw------- 1 named named 4619 Jun 9
16:41 _default.tsigkeysdrwxrwx---. 2 named named 4096 Jun 9 10:00
dynamicdrwxrwx---. 2 root named 4096 Aug 23 2017 dyndb-ldap-rw-r----- 1
root named 2281 May 22 2017 named.ca-rw-r----- 1 root named 152 Dec
15 2009 named.empty-rw-r----- 1 root named 152 Jun 21 2007
named.localhost-rw-r----- 1 root named 168 Dec 15 2009
named.loopbackdrwxrwx--- 2 named named 4096 Apr 12 14:48 slaves-rw-------
1 named named 0 Jun 6 16:53 tmp-NCmwqgdbNj-rw------- 1 named named
0 Jun 6 14:29 tmp-zUOntofvPk
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/sysconfig/selinuxlrwxrwxrwx. 1 root root 17 Mar 15
2017 /etc/sysconfig/selinux -> ../selinux/config
------------------------------------------------------------------------------
[root at pc ~]# ls -l /etc/init.d/samba4-rwxr-xr-x. 1 root root 1150 Mar 15
2017 /etc/init.d/samba4
------------------------------------------------------------------------------
[root at pc ~]# ls -l /usr/local/samba/private/dns.keytab-rwx------. 1 root
named 707 Mar 15 2017 /usr/local/samba/private/dns.keytab
------------------------------------------------------------------------------
José Fermín Francisco Ferreras Registered User #579535 (LinuxCounter.net)
El sábado, 9 de junio de 2018 2:15:50 p. m. AST, Dr. Hansjörg Maurer
<hansjoerg.maurer at itsd.de> escribió:
Hi
can you post your /etc/krb5.conf
Regards
Hansjörg
--
Dr. Hansjörg Maurer
itsystems Deutschland AG
Erzgießereistr. 22
80335 München
Tel: +49-89-52 04 68-41
Fax: +49-89-52 04 68-59
E-Mail: hansjoerg.maurer at itsd.de
Web: http://www.itsd.de
Amtsgericht München HRB 132146
USt-IdNr. DE 812991301
Steuer-Nr. 143/100/81575
Aufsichtsratsvorsitzender:
Stefan Adam
Vorstand:
Dr. Michael Krocka
Dr. Hansjörg Maurer
----------------------------
Unser System ist mit einem Mailverschluesselungs-Gateway ausgestattet. Wenn Sie
moechten, dass an Sie gerichtete E-Mails verschluesselt werden, senden Sie
einfach eine S/MIME-signierte E-Mail oder Ihren PGP Public Key an
hansjoerg.maurer at itsd.de.
Our system is equipped with an email encryption gateway. If you want email sent
to you to be encrypted please send a S/MIME signed email or your PGP public key
to hansjoerg.maurer at itsd.de.