On 05/08/2019 10:14, Patrik wrote:
> I am not using flatfiles and I am using BIND_DLZ, it shows in my log and I
> do not use flatfiles. BIND_DLZ only.

Oh yes you are, you have this in your /etc/bind/named.conf.local :

    zone "patrikx3.com" {
        type master;
        file "/etc/bind/zones/enp1s0f3/patrikx3.com";
        include "/var/lib/samba/private/named.conf.update";
    };

That means your AD records are being stored in /etc/bind/zones/enp1s0f3/patrikx3.com and not in AD, this is known as 'flatfile' and is not supported by Samba.

You also seem to be using bind9 as a dns server for domains that have nothing to do with AD, this is not recommended.

Rowland

OK, so I remove that named.conf.update, but the rest looks good?

*Patrik*
WWW <https://patrikx3.com> | GitHub <https://github.com/patrikx3/> | NPM <https://www.npmjs.com/~patrikx3> | Corifeus <https://corifeus.com> | +36 20 342 8046

I only added this in the appropriate interface:

    include "/var/lib/samba/private/named.conf";

    root@server:/# cat /var/lib/samba/private/named.conf
    # This DNS configuration is for BIND 9.8.0 or later with dlz_dlopen support.
    #
    # This file should be included in your main BIND configuration file
    #
    # For example with
    # include "/var/lib/samba/private/named.conf";

    #
    # This configures dynamically loadable zones (DLZ) from AD schema
    # Uncomment only single database line, depending on your BIND version
    #
    dlz "AD DNS Zone" {
        # For BIND 9.8.x
        # database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9.so";

        # For BIND 9.9.x
        # database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_9.so";

        # For BIND 9.10.x
        # database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_10.so";

        # For BIND 9.11.x
        database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_11.so";
    };

*I am on Bind 9.11*

*Patrik*

... From your output below..

>> Uncomment only single database line, depending on your BIND version <<

Then tell us, why are 3 lines uncommented?

I suggest, run :
https://raw.githubusercontent.com/thctlo/samba4/master/samba-collect-debug-info.sh

Anonymize it where needed, and show me your server setup.

Greetz,

Louis

> -----Original message-----
> From: samba [mailto:samba-bounces at lists.samba.org] On behalf of Patrik via samba
> Sent: Monday 5 August 2019 11:31
> To: Rowland penny
> CC: sambalist
> Subject: Re: [Samba] samba dlz. bind9 nslookup is wrong
>
> I only added this in the appropriate interface
> include "/var/lib/samba/private/named.conf";
>
> root@server:/# cat /var/lib/samba/private/named.conf
> # This DNS configuration is for BIND 9.8.0 or later with dlz_dlopen support.
> #
> # This file should be included in your main BIND configuration file
> #
> # For example with
> # include "/var/lib/samba/private/named.conf";
>
> #
> # This configures dynamically loadable zones (DLZ) from AD schema
> # Uncomment only single database line, depending on your BIND version
> #
> dlz "AD DNS Zone" {
>     # For BIND 9.8.x
>     # database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9.so";
>
>     # For BIND 9.9.x
>     # database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_9.so";
>
>     # For BIND 9.10.x
>     # database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_10.so";
>
>     # For BIND 9.11.x
>     database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_11.so";
> };
>
> *I am on Bind 9.11*
>
> *Patrik*

On 05/08/2019 10:29, Patrik wrote:
> OK, so I remove that named.conf.update, but the rest looks good?

These are my 'named.conf' files, used since 2012 with only minor changes:

/etc/bind/named.conf

    include "/etc/bind/named.conf.options";
    include "/etc/bind/named.conf.local";
    include "/etc/bind/named.conf.default-zones";

/etc/bind/named.conf.options

    options {
        directory "/var/cache/bind";
        version "0.0.7";
        notify no;
        empty-zones-enable no;
        auth-nxdomain yes;
        allow-query { 127.0.0.1; 192.168.0.0/24; };
        allow-recursion { 192.168.0.0/24; 127.0.0.1/32; };
        forwarders { 8.8.8.8; 8.8.4.4; };
        allow-transfer { none; };
        dnssec-validation no;
        dnssec-enable no;
        dnssec-lookaside no;
        listen-on-v6 { none; };
        listen-on port 53 { 192.168.0.6; 127.0.0.1; };
        tkey-gssapi-keytab "/var/lib/samba/bind-dns/dns.keytab";
    };

/etc/bind/named.conf.local

    include "/var/lib/samba/bind-dns/named.conf";

/etc/bind/named.conf.default-zones is unchanged from default.

Rowland

The file "/etc/bind/zones/enp1s0f3/patrikx3.com"; are my domain names A, AAAA, CNAME-s, that is where I store them, there are no AD records at all. It is all DLZ.

*Patrik*

On 05/08/2019 11:53, Patrik wrote:
> The file "/etc/bind/zones/enp1s0f3/patrikx3.com"; are my domain names A, AAAA, CNAME-s, that is
> where I store them, there are no AD records at all. It is all DLZ.

If 'patrikx3.com' is a registered dns domain name, then you should have used a subdomain of this for the AD dns domain.

The file you refer to is a FLATFILE and you SHOULDN'T be storing your AD dns records there and it ISN'T bind9_dlz.

Rowland
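
Added example, not part of the thread and not Samba or BIND tooling: a small Python check for the two points raised above, a zone that has a file statement and also includes named.conf.update (Rowland's point) and the number of active database lines in the dlz block (Louis's question). The sample configuration is constructed from the snippets quoted in the thread, and the function names are hypothetical.

```python
import re

# Constructed samples, modelled on the configuration quoted in the thread.
NAMED_CONF_LOCAL = '''
zone "patrikx3.com" {
    type master;
    file "/etc/bind/zones/enp1s0f3/patrikx3.com";
    include "/var/lib/samba/private/named.conf.update";
};
include "/var/lib/samba/private/named.conf";
'''
SAMBA_NAMED_CONF = '''
dlz "AD DNS Zone" {
    # For BIND 9.10.x
    # database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_10.so";
    # For BIND 9.11.x
    database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_11.so";
};
'''

def strip_comments(text):
    """Remove /* */, // and # comments (simplification: ignores quoting)."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(?m)(#|//).*$', '', text)

def blocks(conf, keyword):
    """Yield (name, body) for each `keyword "name" { ... }`, matching braces."""
    text = strip_comments(conf)
    for m in re.finditer(r'\b%s\s+"([^"]+)"[^{;]*\{' % keyword, text):
        depth, i = 1, m.end()
        while i < len(text) and depth:
            depth += {'{': 1, '}': -1}.get(text[i], 0)
            i += 1
        yield m.group(1), text[m.end():i - 1]

def flatfile_zones(conf):
    """Zones with a file statement that also include named.conf.update."""
    return [name for name, body in blocks(conf, 'zone')
            if re.search(r'\bfile\s+"', body) and 'named.conf.update' in body]

def active_dlz_databases(conf):
    """Uncommented database lines per dlz block; exactly one is expected."""
    return {name: re.findall(r'\bdatabase\s+"([^"]+)"', body)
            for name, body in blocks(conf, 'dlz')}

if __name__ == '__main__':
    print('file-backed zones with Samba update include:', flatfile_zones(NAMED_CONF_LOCAL))
    for name, dbs in active_dlz_databases(SAMBA_NAMED_CONF).items():
        print(name, '->', len(dbs), 'active database line(s)')
```
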