samba - May 2019 - dlz_bind9_9.so: failed to map segment from shared object

>No, ALL of your named named.conf files, this includes the ones in 
>/etc/bind 'named.conf, named.conf.options, named.conf.local, 
>named.conf.default-zones and finally the one you have posted, but from 
>before you changed it.
>
>Can you also answer the question, was bind9 installed before you 
>provisioned Samba ?
>Rowland

I have installed BIND9 after installed the Debian operation System new


samba-tool domain provision --use-rfc2307 --realm=x.200.caloro.moolgeeks 
--domain=caloro.m --server-role=dc1 --dns-backend=BIND9_DLZ 
--adminpass=putonepasswordhere.

---->>
root at X200:/etc/bind# cat named.conf
        include "/etc/bind/named.conf.options";
        include "/etc/bind/named.conf.local";
        include "/etc/bind/named.conf.default-zones";
        include "/var/lib/samba/bind-dns/named.conf";

---->>
root at X200:/etc/bind# cat named.conf.options
options {
        directory "/var/cache/bind";

        forwarders {
                8.8.8.8;
         };

        dnssec-validation no;
        listen-on-v6 { any; };
        tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";

        recursion yes;

        auth-nxdomain no;
        listen-on-v6 { any; };
        allow-transfer { 192.168.1.0/24; };
};
        acl "acl_trusted_transfer" {
                192.168.1.0/24;
};

---->>
root at X200:/etc/bind# cat named.conf.local
//
// Do any local configuration here

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

zone "caloro.m" {
        type master;
        file "/etc/bind/db.caloro";
};

zone "1.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/db.calororeverse";
};


---->>
root at X200:/etc/bind# cat named.conf.default-zones
// prime the server with knowledge of the root servers
zone "." {
        type hint;
        file "/usr/share/dns/root.hints";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
        type master;
        file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
};


---->>
root at X200:/etc/bind# cat "/var/lib/samba/bind-dns/named.conf"
# This DNS configuration is for BIND 9.8.0 or later with dlz_dlopen 
support.
#
# This file should be included in your main BIND configuration file
#
# For example with
# include "/var/lib/samba/bind-dns/named.conf";

#
# This configures dynamically loadable zones (DLZ) from AD schema
# Uncomment only single database line, depending on your BIND version
#
dlz "AD DNS Zone" {
    # For BIND 9.11.x
     database "dlopen 
/usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_11.so -d 3";

    # For BIND 9.12.x
    # database "dlopen 
/usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_12.so";
};


-->
Regards
Mauri

On 25/05/2019 21:26, Maurizio Caloro wrote:
> I have installed BIND9 after installed the Debian operation System new
>
I take it that means it was installed before the provision ;-)
>
> samba-tool domain provision --use-rfc2307 
> --realm=x.200.caloro.moolgeeks --domain=caloro.m --server-role=dc1 
> --dns-backend=BIND9_DLZ --adminpass=putonepasswordhere.
>
I take that because you have this below: zone "caloro.m"

Your dns domain is 'caloro.m', is this correct ?

If it is your dns domain, your provision is incorrect, the realm should 
be CALORO.M and the domain should be CALORO (or anything you want, as 
long as it is in uppercase and doesn't contain a dot), the 
'--server-role' should be 'dc' not 'dc1' (which I
presume is the short
hostname)
> ---->>
> *root at X200:/etc/bind# cat named.conf*
>         include "/etc/bind/named.conf.options";
>         include "/etc/bind/named.conf.local";
>         include "/etc/bind/named.conf.default-zones";
>         include "/var/lib/samba/bind-dns/named.conf";
>
> ---->>
> *root at X200:/etc/bind# cat named.conf.options*
> options {
>         directory "/var/cache/bind";
>
>         forwarders {
>       8.8.8.8;
>          };
>
>         dnssec-validation no;
>         listen-on-v6 { any; };
>         tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";
>
>         recursion yes;
>
>         auth-nxdomain no;
>         listen-on-v6 { any; };
>         allow-transfer { 192.168.1.0/24; };
> };
>         acl "acl_trusted_transfer" {
>       192.168.1.0/24;
> };
>
> ---->>
> *root at X200:/etc/bind# cat named.conf.local*
> //
> // Do any local configuration here
>
> // Consider adding the 1918 zones here, if they are not used in your
> // organization
> //include "/etc/bind/zones.rfc1918";
>
> zone "caloro.m" {
>         type master;
>         file "/etc/bind/db.caloro";
> };
>
> zone "1.168.192.in-addr.arpa" {
>         type master;
>         file "/etc/bind/db.calororeverse";
> };
>
Sorry, but you cannot have the AD dns zones in the named.conf files, 
they are are in AD, this is known as 'flatfiles and you cannot use 
'flatfiles'.
>
> ---->>
> *root at X200:/etc/bind# cat named.conf.default-zones*
> // prime the server with knowledge of the root servers
> zone "." {
>         type hint;
>         file "/usr/share/dns/root.hints";
> };
>
> // be authoritative for the localhost forward and reverse zones, and for
> // broadcast zones as per RFC 1912
>
> zone "localhost" {
>         type master;
>         file "/etc/bind/db.local";
> };
>
> zone "127.in-addr.arpa" {
>         type master;
>         file "/etc/bind/db.127";
> };
>
> zone "0.in-addr.arpa" {
>         type master;
>         file "/etc/bind/db.0";
> };
>
> zone "255.in-addr.arpa" {
>         type master;
>         file "/etc/bind/db.255";
> };
>
>
> ---->>
> *root at X200:/etc/bind# cat
"/var/lib/samba/bind-dns/named.conf"*
> # This DNS configuration is for BIND 9.8.0 or later with dlz_dlopen 
> support.
> #
> # This file should be included in your main BIND configuration file
> #
> # For example with
> # include "/var/lib/samba/bind-dns/named.conf";
>
> #
> # This configures dynamically loadable zones (DLZ) from AD schema
> # Uncomment only single database line, depending on your BIND version
> #
> dlz "AD DNS Zone" {
>     # For BIND 9.11.x
>      database "dlopen 
> /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_11.so -d 3";
>
>     # For BIND 9.12.x
>     # database "dlopen 
> /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_12.so";
> };
>
>
Sorry, but this is not the file created by the provision.

Rowland
> -->
> Regards
> Mauri

>Sorry, but this is not the file created by the provision.
>Rowland

Please how i can find the correct file that was create with the provision 
?
And how i can read and learn more about the creation of Samba AD 
integration.

Sorry i understand that "flatfile" but i don't know what i need to
configure.......

Regards
Mauri