Hello $LIST,
i setup a new clean domain to examine the feature of updating/creating PTR
records. When i call ipconfig /registerdns on the client i get this entry in the
windows eventlog (sorry german)
Fehler beim Registrieren der Hostressourceneinträge (A oder AAAA) für den
Netzwerkadapter
mit den folgenden Einstellungen:
Adaptername: {2A467E48-624B-4CCF-9B7D-9BA5629D8117}
Hostname: w7test
Primäres Domänensuffix: samba.laurenz.ws
DNS-Serverliste:
192.168.2.231, 192.168.2.232
Server, an den das Update gesendet wurde: 192.168.2.231:53
IP-Adresse(n):
192.168.2.107
Die Ressourceneinträge konnten aufgrund eines Systemproblems nicht während der
Updateanforderung registriert werden. Sie können die DNS-Registrierung des
Netzwerkadapters und der dazugehörigen Einstellungen manuell ausführen, indem
Sie an der Eingabeaufforderung "ipconfig /registerdns" eingeben.
Wenden Sie sich an den DNS-Server- oder Netzwerksystemadministrator, wenn das
Problem weiterhin besteht. Genauere Fehlercodeinformationen finden Sie in den
Ereignisdetails.
On the DC i see this:
root at dc01:/var/lib/samba/private# systemctl status bind9
● bind9.service - BIND Domain Name Server
Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor preset:
enabled)
Active: active (running) since Fri 2019-03-08 16:07:35 CET; 4min 7s ago
Docs: man:named(8)
Process: 30090 ExecStop=/usr/sbin/rndc stop (code=exited, status=0/SUCCESS)
Main PID: 30095 (named)
CGroup: /system.slice/bind9.service
└─30095 /usr/sbin/named -f -u bind
Mar 08 16:07:46 dc01 named[30095]: samba_dlz: added rdataset
_ldap._tcp.Zuahause._sites.ForestDnsZones.samba.laurenz.ws
'_ldap._tcp.Zuahause._sites.ForestDnsZones.samba.laurenz.ws. 900
IN SRV 0 100 389 dc01.sa
Mar 08 16:07:46 dc01 named[30095]: samba_dlz: subtracted rdataset
samba.laurenz.ws 'samba.laurenz.ws. 3600 IN SOA
dc01.samba.laurenz.ws. hostmaster.samba.laurenz.ws. 7 900 600 86400 3600'
Mar 08 16:07:46 dc01 named[30095]: samba_dlz: added rdataset samba.laurenz.ws
'samba.laurenz.ws. 3600 IN SOA
dc01.samba.laurenz.ws. hostmaster.samba.laurenz.ws. 8 900 600 86400 3600'
Mar 08 16:07:46 dc01 named[30095]: samba_dlz: committed transaction on zone
samba.laurenz.ws
Mar 08 16:08:13 dc01 named[30095]: samba_dlz: starting transaction on zone
samba.laurenz.ws
Mar 08 16:08:13 dc01 named[30095]: client 192.168.2.107#55757: update
'samba.laurenz.ws/IN' denied
Mar 08 16:08:13 dc01 named[30095]: samba_dlz: cancelling transaction on zone
samba.laurenz.ws
Mar 08 16:11:23 dc01 named[30095]: samba_dlz: starting transaction on zone
samba.laurenz.ws
Mar 08 16:11:23 dc01 named[30095]: client 192.168.2.107#51224: update
'samba.laurenz.ws/IN' denied
Mar 08 16:11:23 dc01 named[30095]: samba_dlz: cancelling transaction on zone
samba.laurenz.ws
No entry in log.samba at that timestap, the rndc error was before (no read
access to dns.keytab)
root at dc01:/var/lib/samba/private# tail /var/log/samba/log.samba
[2019/03/08 16:03:16.913274, 0]
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
/usr/sbin/samba_dnsupdate: dns_tkey_negotiategss: TKEY is unacceptable
[2019/03/08 16:03:17.234968, 0]
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
/usr/sbin/samba_dnsupdate: dns_tkey_negotiategss: TKEY is unacceptable
[2019/03/08 16:03:17.321152, 0]
../source4/dsdb/dns/dns_update.c:330(dnsupdate_nameupdate_done)
../source4/dsdb/dns/dns_update.c:330: Failed DNS update - with error code 8
[2019/03/08 16:04:23.222079, 0]
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
/usr/sbin/rndc: rndc: 'reload' failed: file not found
[2019/03/08 16:04:23.239566, 0]
../source4/dsdb/dns/dns_update.c:91(dnsupdate_rndc_done)
../source4/dsdb/dns/dns_update.c:91: Failed rndc update -
NT_STATUS_ACCESS_DENIED
In DNS Manager secure & unsecured updates are allowed…
I’m not sure, why bind is denying….
Regards,
Dirk
On Fri, 8 Mar 2019 19:14:32 +0100 Dirk Laurenz via samba <samba at lists.samba.org> wrote:> Hello $LIST, > > > > i setup a new clean domain to examine the feature of > updating/creating PTR records. When i call ipconfig /registerdns on > the client i get this entry in the windows eventlog (sorry german) > > > > Fehler beim Registrieren der Hostressourceneinträge (A oder AAAA) für > den Netzwerkadapter > > mit den folgenden Einstellungen: > > > > Adaptername: {2A467E48-624B-4CCF-9B7D-9BA5629D8117} > > Hostname: w7test > > Primäres Domänensuffix: samba.laurenz.ws > > DNS-Serverliste: > > 192.168.2.231, 192.168.2.232 > > Server, an den das Update gesendet wurde: 192.168.2.231:53 > > IP-Adresse(n): > > 192.168.2.107 > > > > Die Ressourceneinträge konnten aufgrund eines Systemproblems nicht > während der Updateanforderung registriert werden. Sie können die > DNS-Registrierung des Netzwerkadapters und der dazugehörigen > Einstellungen manuell ausführen, indem Sie an der Eingabeaufforderung > "ipconfig /registerdns" eingeben. Wenden Sie sich an den DNS-Server- > oder Netzwerksystemadministrator, wenn das Problem weiterhin besteht. > Genauere Fehlercodeinformationen finden Sie in den Ereignisdetails. > > > > On the DC i see this: > > > > root at dc01:/var/lib/samba/private# systemctl status bind9 > > ● bind9.service - BIND Domain Name Server > > Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor > preset: enabled) > > Active: active (running) since Fri 2019-03-08 16:07:35 CET; 4min > 7s ago > > Docs: man:named(8) > > Process: 30090 ExecStop=/usr/sbin/rndc stop (code=exited, > status=0/SUCCESS) > > Main PID: 30095 (named) > > CGroup: /system.slice/bind9.service > > └─30095 /usr/sbin/named -f -u bind > > > > Mar 08 16:07:46 dc01 named[30095]: samba_dlz: added rdataset > _ldap._tcp.Zuahause._sites.ForestDnsZones.samba.laurenz.ws > '_ldap._tcp.Zuahause._sites.ForestDnsZones.samba.laurenz.ws. > 900 IN SRV 0 100 389 dc01.sa > > Mar 08 16:07:46 dc01 named[30095]: samba_dlz: subtracted rdataset > samba.laurenz.ws 'samba.laurenz.ws. 3600 IN > SOA dc01.samba.laurenz.ws. hostmaster.samba.laurenz.ws. 7 900 > 600 86400 3600' > > Mar 08 16:07:46 dc01 named[30095]: samba_dlz: added rdataset > samba.laurenz.ws 'samba.laurenz.ws. 3600 IN > SOA dc01.samba.laurenz.ws. hostmaster.samba.laurenz.ws. 8 900 > 600 86400 3600' > > Mar 08 16:07:46 dc01 named[30095]: samba_dlz: committed transaction > on zone samba.laurenz.ws > > Mar 08 16:08:13 dc01 named[30095]: samba_dlz: starting transaction on > zone samba.laurenz.ws > > Mar 08 16:08:13 dc01 named[30095]: client 192.168.2.107#55757: update > 'samba.laurenz.ws/IN' denied > > Mar 08 16:08:13 dc01 named[30095]: samba_dlz: cancelling transaction > on zone samba.laurenz.ws > > Mar 08 16:11:23 dc01 named[30095]: samba_dlz: starting transaction on > zone samba.laurenz.ws > > Mar 08 16:11:23 dc01 named[30095]: client 192.168.2.107#51224: update > 'samba.laurenz.ws/IN' denied > > Mar 08 16:11:23 dc01 named[30095]: samba_dlz: cancelling transaction > on zone samba.laurenz.ws > > > > No entry in log.samba at that timestap, the rndc error was before (no > read access to dns.keytab) > > > > root at dc01:/var/lib/samba/private# tail /var/log/samba/log.samba > > [2019/03/08 16:03:16.913274, > 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > /usr/sbin/samba_dnsupdate: dns_tkey_negotiategss: TKEY is > unacceptable > > [2019/03/08 16:03:17.234968, > 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > /usr/sbin/samba_dnsupdate: dns_tkey_negotiategss: TKEY is > unacceptable > > [2019/03/08 16:03:17.321152, > 0] ../source4/dsdb/dns/dns_update.c:330(dnsupdate_nameupdate_done) > > ../source4/dsdb/dns/dns_update.c:330: Failed DNS update - with > error code 8 > > [2019/03/08 16:04:23.222079, > 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > /usr/sbin/rndc: rndc: 'reload' failed: file not found > > [2019/03/08 16:04:23.239566, > 0] ../source4/dsdb/dns/dns_update.c:91(dnsupdate_rndc_done) > > ../source4/dsdb/dns/dns_update.c:91: Failed rndc update - > NT_STATUS_ACCESS_DENIED > > > > In DNS Manager secure & unsecured updates are allowed… > > > > I’m not sure, why bind is denying….Try adding this to smb.conf on the Samba DC: dns update command = /usr/sbin/samba_dnsupdate --use-samba-tool Restart the DC and see what happens. Rowland
Hello, the first mistake was, that only secure updates was configured on the client - I changed via GPO to unsecure followed by secure. Now this works for both; but The A record is now updated, but not the PTR. -----Ursprüngliche Nachricht----- Von: samba <samba-bounces at lists.samba.org> Im Auftrag von Rowland Penny via samba Gesendet: Freitag, 8. März 2019 19:57 An: samba at lists.samba.org Betreff: Re: [Samba] ipconfig /registerdns & PTR Records On Fri, 8 Mar 2019 19:14:32 +0100 Dirk Laurenz via samba <samba at lists.samba.org> wrote:> Hello $LIST, > > > > i setup a new clean domain to examine the feature of updating/creating > PTR records. When i call ipconfig /registerdns on the client i get > this entry in the windows eventlog (sorry german) > > > > Fehler beim Registrieren der Hostressourceneinträge (A oder AAAA) für > den Netzwerkadapter > > mit den folgenden Einstellungen: > > > > Adaptername: {2A467E48-624B-4CCF-9B7D-9BA5629D8117} > > Hostname: w7test > > Primäres Domänensuffix: samba.laurenz.ws > > DNS-Serverliste: > > 192.168.2.231, 192.168.2.232 > > Server, an den das Update gesendet wurde: 192.168.2.231:53 > > IP-Adresse(n): > > 192.168.2.107 > > > > Die Ressourceneinträge konnten aufgrund eines Systemproblems nicht > während der Updateanforderung registriert werden. Sie können die > DNS-Registrierung des Netzwerkadapters und der dazugehörigen > Einstellungen manuell ausführen, indem Sie an der Eingabeaufforderung > "ipconfig /registerdns" eingeben. Wenden Sie sich an den DNS-Server- > oder Netzwerksystemadministrator, wenn das Problem weiterhin besteht. > Genauere Fehlercodeinformationen finden Sie in den Ereignisdetails. > > > > On the DC i see this: > > > > root at dc01:/var/lib/samba/private# systemctl status bind9 > > ● bind9.service - BIND Domain Name Server > > Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor > preset: enabled) > > Active: active (running) since Fri 2019-03-08 16:07:35 CET; 4min 7s > ago > > Docs: man:named(8) > > Process: 30090 ExecStop=/usr/sbin/rndc stop (code=exited, > status=0/SUCCESS) > > Main PID: 30095 (named) > > CGroup: /system.slice/bind9.service > > └─30095 /usr/sbin/named -f -u bind > > > > Mar 08 16:07:46 dc01 named[30095]: samba_dlz: added rdataset > _ldap._tcp.Zuahause._sites.ForestDnsZones.samba.laurenz.ws > '_ldap._tcp.Zuahause._sites.ForestDnsZones.samba.laurenz.ws. > 900 IN SRV 0 100 389 dc01.sa > > Mar 08 16:07:46 dc01 named[30095]: samba_dlz: subtracted rdataset > samba.laurenz.ws 'samba.laurenz.ws. 3600 IN > SOA dc01.samba.laurenz.ws. hostmaster.samba.laurenz.ws. 7 900 > 600 86400 3600' > > Mar 08 16:07:46 dc01 named[30095]: samba_dlz: added rdataset > samba.laurenz.ws 'samba.laurenz.ws. 3600 IN > SOA dc01.samba.laurenz.ws. hostmaster.samba.laurenz.ws. 8 900 > 600 86400 3600' > > Mar 08 16:07:46 dc01 named[30095]: samba_dlz: committed transaction on > zone samba.laurenz.ws > > Mar 08 16:08:13 dc01 named[30095]: samba_dlz: starting transaction on > zone samba.laurenz.ws > > Mar 08 16:08:13 dc01 named[30095]: client 192.168.2.107#55757: update > 'samba.laurenz.ws/IN' denied > > Mar 08 16:08:13 dc01 named[30095]: samba_dlz: cancelling transaction > on zone samba.laurenz.ws > > Mar 08 16:11:23 dc01 named[30095]: samba_dlz: starting transaction on > zone samba.laurenz.ws > > Mar 08 16:11:23 dc01 named[30095]: client 192.168.2.107#51224: update > 'samba.laurenz.ws/IN' denied > > Mar 08 16:11:23 dc01 named[30095]: samba_dlz: cancelling transaction > on zone samba.laurenz.ws > > > > No entry in log.samba at that timestap, the rndc error was before (no > read access to dns.keytab) > > > > root at dc01:/var/lib/samba/private# tail /var/log/samba/log.samba > > [2019/03/08 16:03:16.913274, > 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > /usr/sbin/samba_dnsupdate: dns_tkey_negotiategss: TKEY is > unacceptable > > [2019/03/08 16:03:17.234968, > 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > /usr/sbin/samba_dnsupdate: dns_tkey_negotiategss: TKEY is > unacceptable > > [2019/03/08 16:03:17.321152, > 0] ../source4/dsdb/dns/dns_update.c:330(dnsupdate_nameupdate_done) > > ../source4/dsdb/dns/dns_update.c:330: Failed DNS update - with error > code 8 > > [2019/03/08 16:04:23.222079, > 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) > > /usr/sbin/rndc: rndc: 'reload' failed: file not found > > [2019/03/08 16:04:23.239566, > 0] ../source4/dsdb/dns/dns_update.c:91(dnsupdate_rndc_done) > > ../source4/dsdb/dns/dns_update.c:91: Failed rndc update - > NT_STATUS_ACCESS_DENIED > > > > In DNS Manager secure & unsecured updates are allowed… > > > > I’m not sure, why bind is denying….Try adding this to smb.conf on the Samba DC: dns update command = /usr/sbin/samba_dnsupdate --use-samba-tool Restart the DC and see what happens. Rowland -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba