Hello $LIST, i setup a new clean domain to examine the feature of updating/creating PTR records. When i call ipconfig /registerdns on the client i get this entry in the windows eventlog (sorry german) Fehler beim Registrieren der Hostressourceneinträge (A oder AAAA) für den Netzwerkadapter mit den folgenden Einstellungen: Adaptername: {2A467E48-624B-4CCF-9B7D-9BA5629D8117} Hostname: w7test Primäres Domänensuffix: samba.laurenz.ws DNS-Serverliste: 192.168.2.231, 192.168.2.232 Server, an den das Update gesendet wurde: 192.168.2.231:53 IP-Adresse(n): 192.168.2.107 Die Ressourceneinträge konnten aufgrund eines Systemproblems nicht während der Updateanforderung registriert werden. Sie können die DNS-Registrierung des Netzwerkadapters und der dazugehörigen Einstellungen manuell ausführen, indem Sie an der Eingabeaufforderung "ipconfig /registerdns" eingeben. Wenden Sie sich an den DNS-Server- oder Netzwerksystemadministrator, wenn das Problem weiterhin besteht. Genauere Fehlercodeinformationen finden Sie in den Ereignisdetails. On the DC i see this: root at dc01:/var/lib/samba/private# systemctl status bind9 ● bind9.service - BIND Domain Name Server Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor preset: enabled) Active: active (running) since Fri 2019-03-08 16:07:35 CET; 4min 7s ago Docs: man:named(8) Process: 30090 ExecStop=/usr/sbin/rndc stop (code=exited, status=0/SUCCESS) Main PID: 30095 (named) CGroup: /system.slice/bind9.service └─30095 /usr/sbin/named -f -u bind Mar 08 16:07:46 dc01 named[30095]: samba_dlz: added rdataset _ldap._tcp.Zuahause._sites.ForestDnsZones.samba.laurenz.ws '_ldap._tcp.Zuahause._sites.ForestDnsZones.samba.laurenz.ws. 900 IN SRV 0 100 389 dc01.sa Mar 08 16:07:46 dc01 named[30095]: samba_dlz: subtracted rdataset samba.laurenz.ws 'samba.laurenz.ws. 3600 IN SOA dc01.samba.laurenz.ws. hostmaster.samba.laurenz.ws. 7 900 600 86400 3600' Mar 08 16:07:46 dc01 named[30095]: samba_dlz: added rdataset samba.laurenz.ws 'samba.laurenz.ws. 3600 IN SOA dc01.samba.laurenz.ws. hostmaster.samba.laurenz.ws. 8 900 600 86400 3600' Mar 08 16:07:46 dc01 named[30095]: samba_dlz: committed transaction on zone samba.laurenz.ws Mar 08 16:08:13 dc01 named[30095]: samba_dlz: starting transaction on zone samba.laurenz.ws Mar 08 16:08:13 dc01 named[30095]: client 192.168.2.107#55757: update 'samba.laurenz.ws/IN' denied Mar 08 16:08:13 dc01 named[30095]: samba_dlz: cancelling transaction on zone samba.laurenz.ws Mar 08 16:11:23 dc01 named[30095]: samba_dlz: starting transaction on zone samba.laurenz.ws Mar 08 16:11:23 dc01 named[30095]: client 192.168.2.107#51224: update 'samba.laurenz.ws/IN' denied Mar 08 16:11:23 dc01 named[30095]: samba_dlz: cancelling transaction on zone samba.laurenz.ws No entry in log.samba at that timestap, the rndc error was before (no read access to dns.keytab) root at dc01:/var/lib/samba/private# tail /var/log/samba/log.samba [2019/03/08 16:03:16.913274, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) /usr/sbin/samba_dnsupdate: dns_tkey_negotiategss: TKEY is unacceptable [2019/03/08 16:03:17.234968, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) /usr/sbin/samba_dnsupdate: dns_tkey_negotiategss: TKEY is unacceptable [2019/03/08 16:03:17.321152, 0] ../source4/dsdb/dns/dns_update.c:330(dnsupdate_nameupdate_done) ../source4/dsdb/dns/dns_update.c:330: Failed DNS update - with error code 8 [2019/03/08 16:04:23.222079, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) /usr/sbin/rndc: rndc: 'reload' failed: file not found [2019/03/08 16:04:23.239566, 0] ../source4/dsdb/dns/dns_update.c:91(dnsupdate_rndc_done) ../source4/dsdb/dns/dns_update.c:91: Failed rndc update - NT_STATUS_ACCESS_DENIED In DNS Manager secure & unsecured updates are allowed… I’m not sure, why bind is denying…. Regards, Dirk
On Fri, 8 Mar 2019 19:14:32 +0100 Dirk Laurenz via samba <samba at lists.samba.org> wrote:> Hello $LIST, > > > > i setup a new clean domain to examine the feature of > updating/creating PTR records. When i call ipconfig /registerdns on > the client i get this entry in the windows eventlog (sorry german) > > > > Fehler beim Registrieren der Hostressourceneinträge (A oder AAAA) für > den Netzwerkadapter > > mit den folgenden Einstellungen: > > > > Adaptername: {2A467E48-624B-4CCF-9B7D-9BA5629D8117} > > Hostname: w7test > > Primäres Domänensuffix: samba.laurenz.ws > > DNS-Serverliste: > > 192.168.2.231, 192.168.2.232 > > Server, an den das Update gesendet wurde: 192.168.2.231:53 > > IP-Adresse(n): > > 192.168.2.107 > > > > Die Ressourceneinträge konnten aufgrund eines Systemproblems nicht > während der Updateanforderung registriert werden. Sie können die > DNS-Registrierung des Netzwerkadapters und der dazugehörigen > Einstellungen manuell ausführen, indem Sie an der Eingabeaufforderung > "ipconfig /registerdns" eingeben. Wenden Sie sich an den DNS-Server- > oder Netzwerksystemadministrator, wenn das Problem weiterhin besteht. > Genauere Fehlercodeinformationen finden Sie in den Ereignisdetails. > > > > On the DC i see this: > > > > root at dc01:/var/lib/samba/private# systemctl status bind9 > > ● bind9.service - BIND Domain Name Server > > Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor > preset: enabled) > > Active: active (running) since Fri 2019-03-08 16:07:35 CET; 4min > 7s ago > > Docs: man:named(8) > > Process: 30090 ExecStop=/usr/sbin/rndc stop (code=exited, > status=0/SUCCESS) > > Main PID: 30095 (named) > > CGroup: /system.slice/bind9.service > > └─30095 /usr/sbin/named -f -u bind > > > > Mar 08 16:07:46 dc01 named[30095]: samba_dlz: added rdataset > _ldap._tcp.Zuahause._sites.ForestDnsZones.samba.laurenz.ws > '_ldap._tcp.Zuahause._sites.ForestDnsZones.samba.laurenz.ws. > 900 IN SRV 0 100 389 dc01.sa > > Mar 08 16:07:46 dc01 named[30095]: samba_dlz: subtracted rdataset > samba.laurenz.ws 'samba.laurenz.ws. 3600 IN > SOA dc01.samba.laurenz.ws. hostmaster.samba.laurenz.ws. 7 900 > 600 86400 3600' > > Mar 08 16:07:46 dc01 named[30095]: samba_dlz: added rdataset > samba.laurenz.ws 'samba.laurenz.ws. 3600 IN > SOA dc01.samba.laurenz.ws. hostmaster.samba.laurenz.ws. 8 900 > 600 86400 3600' > > Mar 08 16:07:46 dc01 named[30095]: samba_dlz: committed transaction > on zone samba.laurenz.ws > > Mar 08 16:08:13 dc01 named[30095]: samba_dlz: starting transaction on > zone samba.laurenz.ws > > Mar 08 16:08:13 dc01 named[30095]: client 192.168.2.107#55757: update > 'samba.laurenz.ws/IN' denied > > Mar 08 16:08:13 dc01 named[30095]: samba_dlz: cancelling transaction > on zone samba.laurenz.ws > > Mar 08 16:11:23 dc01 named[30095]: samba_dlz: starting transaction on > zone samba.laurenz.ws > > Mar 08 16:11:23 dc01 named[30095]: client 192.168.2.107#51224: update > 'samba.laurenz.ws/IN' denied > > Mar 08 16:11:23 dc01 named[30095]: samba_dlz: cancelling transaction > on zone samba.laurenz.ws > > > > No entry in log.samba at that timestap, the rndc error was before (no > read access to dns.keytab) > > > > root at dc01:/var/lib/samba/private# tail /var/log/samba/log.samba > > [2019/03/08 16:03:16.913274, > 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > /usr/sbin/samba_dnsupdate: dns_tkey_negotiategss: TKEY is > unacceptable > > [2019/03/08 16:03:17.234968, > 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > /usr/sbin/samba_dnsupdate: dns_tkey_negotiategss: TKEY is > unacceptable > > [2019/03/08 16:03:17.321152, > 0] ../source4/dsdb/dns/dns_update.c:330(dnsupdate_nameupdate_done) > > ../source4/dsdb/dns/dns_update.c:330: Failed DNS update - with > error code 8 > > [2019/03/08 16:04:23.222079, > 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > /usr/sbin/rndc: rndc: 'reload' failed: file not found > > [2019/03/08 16:04:23.239566, > 0] ../source4/dsdb/dns/dns_update.c:91(dnsupdate_rndc_done) > > ../source4/dsdb/dns/dns_update.c:91: Failed rndc update - > NT_STATUS_ACCESS_DENIED > > > > In DNS Manager secure & unsecured updates are allowed… > > > > I’m not sure, why bind is denying….Try adding this to smb.conf on the Samba DC: dns update command = /usr/sbin/samba_dnsupdate --use-samba-tool Restart the DC and see what happens. Rowland
Hello, the first mistake was, that only secure updates was configured on the client - I changed via GPO to unsecure followed by secure. Now this works for both; but The A record is now updated, but not the PTR. -----Ursprüngliche Nachricht----- Von: samba <samba-bounces at lists.samba.org> Im Auftrag von Rowland Penny via samba Gesendet: Freitag, 8. März 2019 19:57 An: samba at lists.samba.org Betreff: Re: [Samba] ipconfig /registerdns & PTR Records On Fri, 8 Mar 2019 19:14:32 +0100 Dirk Laurenz via samba <samba at lists.samba.org> wrote:> Hello $LIST, > > > > i setup a new clean domain to examine the feature of updating/creating > PTR records. When i call ipconfig /registerdns on the client i get > this entry in the windows eventlog (sorry german) > > > > Fehler beim Registrieren der Hostressourceneinträge (A oder AAAA) für > den Netzwerkadapter > > mit den folgenden Einstellungen: > > > > Adaptername: {2A467E48-624B-4CCF-9B7D-9BA5629D8117} > > Hostname: w7test > > Primäres Domänensuffix: samba.laurenz.ws > > DNS-Serverliste: > > 192.168.2.231, 192.168.2.232 > > Server, an den das Update gesendet wurde: 192.168.2.231:53 > > IP-Adresse(n): > > 192.168.2.107 > > > > Die Ressourceneinträge konnten aufgrund eines Systemproblems nicht > während der Updateanforderung registriert werden. Sie können die > DNS-Registrierung des Netzwerkadapters und der dazugehörigen > Einstellungen manuell ausführen, indem Sie an der Eingabeaufforderung > "ipconfig /registerdns" eingeben. Wenden Sie sich an den DNS-Server- > oder Netzwerksystemadministrator, wenn das Problem weiterhin besteht. > Genauere Fehlercodeinformationen finden Sie in den Ereignisdetails. > > > > On the DC i see this: > > > > root at dc01:/var/lib/samba/private# systemctl status bind9 > > ● bind9.service - BIND Domain Name Server > > Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor > preset: enabled) > > Active: active (running) since Fri 2019-03-08 16:07:35 CET; 4min 7s > ago > > Docs: man:named(8) > > Process: 30090 ExecStop=/usr/sbin/rndc stop (code=exited, > status=0/SUCCESS) > > Main PID: 30095 (named) > > CGroup: /system.slice/bind9.service > > └─30095 /usr/sbin/named -f -u bind > > > > Mar 08 16:07:46 dc01 named[30095]: samba_dlz: added rdataset > _ldap._tcp.Zuahause._sites.ForestDnsZones.samba.laurenz.ws > '_ldap._tcp.Zuahause._sites.ForestDnsZones.samba.laurenz.ws. > 900 IN SRV 0 100 389 dc01.sa > > Mar 08 16:07:46 dc01 named[30095]: samba_dlz: subtracted rdataset > samba.laurenz.ws 'samba.laurenz.ws. 3600 IN > SOA dc01.samba.laurenz.ws. hostmaster.samba.laurenz.ws. 7 900 > 600 86400 3600' > > Mar 08 16:07:46 dc01 named[30095]: samba_dlz: added rdataset > samba.laurenz.ws 'samba.laurenz.ws. 3600 IN > SOA dc01.samba.laurenz.ws. hostmaster.samba.laurenz.ws. 8 900 > 600 86400 3600' > > Mar 08 16:07:46 dc01 named[30095]: samba_dlz: committed transaction on > zone samba.laurenz.ws > > Mar 08 16:08:13 dc01 named[30095]: samba_dlz: starting transaction on > zone samba.laurenz.ws > > Mar 08 16:08:13 dc01 named[30095]: client 192.168.2.107#55757: update > 'samba.laurenz.ws/IN' denied > > Mar 08 16:08:13 dc01 named[30095]: samba_dlz: cancelling transaction > on zone samba.laurenz.ws > > Mar 08 16:11:23 dc01 named[30095]: samba_dlz: starting transaction on > zone samba.laurenz.ws > > Mar 08 16:11:23 dc01 named[30095]: client 192.168.2.107#51224: update > 'samba.laurenz.ws/IN' denied > > Mar 08 16:11:23 dc01 named[30095]: samba_dlz: cancelling transaction > on zone samba.laurenz.ws > > > > No entry in log.samba at that timestap, the rndc error was before (no > read access to dns.keytab) > > > > root at dc01:/var/lib/samba/private# tail /var/log/samba/log.samba > > [2019/03/08 16:03:16.913274, > 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > /usr/sbin/samba_dnsupdate: dns_tkey_negotiategss: TKEY is > unacceptable > > [2019/03/08 16:03:17.234968, > 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > /usr/sbin/samba_dnsupdate: dns_tkey_negotiategss: TKEY is > unacceptable > > [2019/03/08 16:03:17.321152, > 0] ../source4/dsdb/dns/dns_update.c:330(dnsupdate_nameupdate_done) > > ../source4/dsdb/dns/dns_update.c:330: Failed DNS update - with error > code 8 > > [2019/03/08 16:04:23.222079, > 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > /usr/sbin/rndc: rndc: 'reload' failed: file not found > > [2019/03/08 16:04:23.239566, > 0] ../source4/dsdb/dns/dns_update.c:91(dnsupdate_rndc_done) > > ../source4/dsdb/dns/dns_update.c:91: Failed rndc update - > NT_STATUS_ACCESS_DENIED > > > > In DNS Manager secure & unsecured updates are allowed… > > > > I’m not sure, why bind is denying….Try adding this to smb.conf on the Samba DC: dns update command = /usr/sbin/samba_dnsupdate --use-samba-tool Restart the DC and see what happens. Rowland -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba