Carlos Jesus
2021-Sep-09 15:20 UTC
[Samba] samba AD-DC with bind9, dyn-dns complains that "No AD dhcp user exists"
Ah wait, there's a missing double quote at the end (right?).
If I add the double quote, then I get

search error - LDAP error 32 LDAP_NO_SUCH_OBJECT - <acl_read: Error retrieving instanceType for base. at ../../source4/dsdb/samdb/ldb_modules/acl_read.c:939> <>

Carlos Jesus <camjesus2 at gmail.com> wrote on Thursday, 9/09/2021 at 16:18:

> Sorry about that Rowland, my bad...
> the command given returns a ">" prompt. it seems to be waiting for further
> input.
>
> Rowland Penny via samba <samba at lists.samba.org> wrote on Thursday,
> 9/09/2021 at 16:07:
>
>> On Thu, 2021-09-09 at 15:10 +0100, Carlos Jesus wrote:
>> > Hi Rolland,
>> > not sure I completely understood.
>> > The idea is to create the _msdcs.domain.com zone in AD, but I can't
>> > use samba-tool dns to do that. Already tried. And RSAT doesn't work
>> > either. Is there any other way?
>>
>> Hi fred :-)
>>
>> Can you run this on a DC:
>>
>> sudo ldbsearch -H ldap://$(hostname -s) -P -b "DC=_msdcs.$(hostname
>> -d),CN=MicrosoftDNS,DC=ForestDnsZones,$(echo "DC=$(hostname -d)" | sed
>> 's/\./,DC=/g') | grep 'dn:'
>>
>> It is all supposed to be on one line.
>> Does it produce output and if so, what ?
>>
>> Rowland
>>
>> PS, can you please just reply to the list
Carlos Jesus
2021-Sep-09 15:25 UTC
[Samba] samba AD-DC with bind9, dyn-dns complains that "No AD dhcp user exists"
Again, wait. The double quotes are obviously before the pipe.
So, the command

ldbsearch -H ldap://$(hostname -s) -P -b "DC=_msdcs.$(hostname -d),CN=MicrosoftDNS,DC=ForestDnsZones,$(echo "DC=$(hostname -d)" | sed 's/\./,DC=/g')" | grep 'dn:'

returns nothing. And that's because the command

ldbsearch -H ldap://$(hostname -s) -P -b "DC=_msdcs.$(hostname -d),CN=MicrosoftDNS,DC=ForestDnsZones,$(echo "DC=$(hostname -d)" | sed 's/\./,DC=/g')"

returns

search error - LDAP error 32 LDAP_NO_SUCH_OBJECT - <acl_read: Error retrieving instanceType for base. at ../../source4/dsdb/samdb/ldb_modules/acl_read.c:939> <>

There, final answer.
Rowland Penny
2021-Sep-09 15:33 UTC
[Samba] samba AD-DC with bind9, dyn-dns complains that "No AD dhcp user exists"
On Thu, 2021-09-09 at 16:20 +0100, Carlos Jesus via samba wrote:
> Ah wait, there's a missing double quote at the end (right?).

Yes sorry, my fault :"-)

> If I add the double quote, then I get
> search error - LDAP error 32 LDAP_NO_SUCH_OBJECT - <acl_read: Error
> retrieving instanceType for base. at
> ../../source4/dsdb/samdb/ldb_modules/acl_read.c:939> <>

That confirms it, you have the old dns setup with no forest dns zone.
What there is of a forest dns is in the wrong place. Not sure where you
go from here, Samba needs the forest forward zone.

Rowland
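
The check discussed in this thread, written so the quoting mistake cannot recur: an added example that is not part of the list messages or of Samba's own tooling. The function names are hypothetical; the ldbsearch options, the DN layout and the error text are the ones posted above.

```shell
#!/bin/sh
# Added example: helper names are hypothetical, not part of Samba.

# Error text as posted in the thread, kept here as sample input.
THREAD_ERROR='search error - LDAP error 32 LDAP_NO_SUCH_OBJECT - <acl_read: Error retrieving instanceType for base. at ../../source4/dsdb/samdb/ldb_modules/acl_read.c:939> <>'

# example.com -> DC=example,DC=com (same sed expression as in the thread).
domain_to_dn() {
    printf 'DC=%s\n' "$1" | sed 's/\./,DC=/g'
}

# Base DN of the _msdcs zone in the ForestDnsZones partition.
msdcs_zone_dn() {
    printf 'DC=_msdcs.%s,CN=MicrosoftDNS,DC=ForestDnsZones,%s\n' \
        "$1" "$(domain_to_dn "$1")"
}

# Read ldbsearch output on stdin and report: missing, present or unknown.
classify_ldbsearch() {
    out=$(cat)
    case $out in
        *LDAP_NO_SUCH_OBJECT*) echo missing ;;
        *)
            if printf '%s\n' "$out" | grep -q '^dn: '; then
                echo present
            else
                echo unknown
            fi
            ;;
    esac
}

# Run on a DC: the DN is built first, so -b receives one quoted word.
check_msdcs_zone() {
    domain=${1:-$(hostname -d)}
    ldbsearch -H "ldap://$(hostname -s)" -P -b "$(msdcs_zone_dn "$domain")" 2>&1 |
        classify_ldbsearch
}
```

Calling check_msdcs_zone on the DC prints "missing" for the LDAP error 32 case reported in the thread and "present" when the zone object is returned.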