On Mon, 23 Oct 2023 13:11:27 +0300 Bee Air via samba <samba at lists.samba.org> wrote:> Good day! > Test the dynamic DNS updates > > # samba_dnsupdate --verbose > IPs: ['200.2.2.15'] > Looking for DNS entry A dcs3.BEO.IMP 200.2.2.15 as dcs3.BEO.IMP. > Looking for DNS entry CNAME > 246933f5-768e-4399-9adb-251271d245e3._msdcs.BEO.IMP dcs3.BEO.IMP as > 246933f5-768e-4399-9adb- > 251271d245e3._msdcs.BEO.IMP. > Looking for DNS entry NS BEO.IMP dcs3.BEO.IMP as BEO.IMP. > Looking for DNS entry NS _msdcs.BEO.IMP dcs3.BEO.IMP as > _msdcs.BEO.IMP. The DNS entry NS _msdcs.BEO.IMP dcs3.BEO.IMP, queried > as _msdcs.BEO.IMP. does not exist > need update: NS _msdcs.BEO.IMP dcs3.BEO.IMP > > ..... > > dns_tkey_gssnegotiate: TKEY is unacceptable > Failed nsupdate: 1 > Failed update of 1 entries > > > I can't understand this message: > > The DNS entry NS _msdcs.BEO.IMP dcs3.BEO.IMP, queried as > _msdcs.BEO.IMP. does not exist > need update: NS _msdcs.BEO.IMP dcs3.BEO.IMP > > > On the DC domain controller (Windows Server 2008 R2) there is an > entry in DNS - *_msdcs.beo.imp* > > See attachment "dc-samba-dns002.jpg"Please post your jpg somewhere and supply a link, this list strips attachments. Also, please do not post twice. Rowland
Instead of the jpg image l write like this:
DNS Master on the DC domain controller (Windows Server 2008 R2)
DNS
DC
Reverse Lookup Zones
beo.imp
_msdsc
dc
domains
gc
pdc
_sites
..........
In the window - _msdsc
246933f5-768e-4399-9adb-251271d245e3 (CNAME) dcs3.beo.imp
.................................
(CNAME) dc.beo.imp
.................................
(CNAME) dc2.beo.imp
??, 23 ???. 2023 ?., 13:33 Rowland Penny via samba <samba at
lists.samba.org>:
> On Mon, 23 Oct 2023 13:11:27 +0300
> Bee Air via samba <samba at lists.samba.org> wrote:
>
> > Good day!
> > Test the dynamic DNS updates
> >
> > # samba_dnsupdate --verbose
> > IPs: ['200.2.2.15']
> > Looking for DNS entry A dcs3.BEO.IMP 200.2.2.15 as dcs3.BEO.IMP.
> > Looking for DNS entry CNAME
> > 246933f5-768e-4399-9adb-251271d245e3._msdcs.BEO.IMP dcs3.BEO.IMP as
> > 246933f5-768e-4399-9adb-
> > 251271d245e3._msdcs.BEO.IMP.
> > Looking for DNS entry NS BEO.IMP dcs3.BEO.IMP as BEO.IMP.
> > Looking for DNS entry NS _msdcs.BEO.IMP dcs3.BEO.IMP as
> > _msdcs.BEO.IMP. The DNS entry NS _msdcs.BEO.IMP dcs3.BEO.IMP, queried
> > as _msdcs.BEO.IMP. does not exist
> > need update: NS _msdcs.BEO.IMP dcs3.BEO.IMP
> >
> > .....
> >
> > dns_tkey_gssnegotiate: TKEY is unacceptable
> > Failed nsupdate: 1
> > Failed update of 1 entries
> >
> >
> > I can't understand this message:
> >
> > The DNS entry NS _msdcs.BEO.IMP dcs3.BEO.IMP, queried as
> > _msdcs.BEO.IMP. does not exist
> > need update: NS _msdcs.BEO.IMP dcs3.BEO.IMP
> >
> >
> > On the DC domain controller (Windows Server 2008 R2) there is an
> > entry in DNS - *_msdcs.beo.imp*
> >
> > See attachment "dc-samba-dns002.jpg"
>
> Please post your jpg somewhere and supply a link, this list strips
> attachments.
>
> Also, please do not post twice.
>
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
I have the closed local network with two domain controllers on MS Windows
Server 2008 R2
DC - 200.2.2.1 , DC1 - ip 200.2.2. <http://2.2.2.2/>2. Local domain -
BEO.IMP
I installed the domain controller on debian 12 (Samba 4.19.1-Debian) DCS3 -
ip 200.2.2.15
?onnected to the domain and AD according to the article
https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory
Dns is BIND 9.18.19-1
/etc/samba/smb.conf
# Global parameters
[global]
netbios name = DCS3
realm = BEO.IMP
server role = active directory domain controller
workgroup = BEO
allow dns updates = nonsecure
template shell = /bin/bash
template homedir = /home/%U
server services = -dns
log file = /var/log/samba/log.%m
max log size = 1000
logging = file
log level = 3 passdb:5 auth:5
[sysvol]
path = /var/lib/samba/sysvol
read only = No
[netlogon]
path = /var/lib/samba/sysvol/beo.imp/scripts
read only = No
/etc/krb5.conf
[libdefaults]
dns_lookup_realm = false
dns_lookup_kdc = true
default_realm = BEO.IMP
kdc_timesync = 1
ccache_type = 4
[realms]
[domain_realm]
/etc/resolve.conf
search BEO.IMP
nameserver 200.2.2.15
nameserver 200.2.2.1
nameserver 200.2.2.2
??, 23 ???. 2023 ?., 13:33 Rowland Penny via samba <samba at
lists.samba.org>:
> On Mon, 23 Oct 2023 13:11:27 +0300
> Bee Air via samba <samba at lists.samba.org> wrote:
>
> > Good day!
> > Test the dynamic DNS updates
> >
> > # samba_dnsupdate --verbose
> > IPs: ['200.2.2.15']
> > Looking for DNS entry A dcs3.BEO.IMP 200.2.2.15 as dcs3.BEO.IMP.
> > Looking for DNS entry CNAME
> > 246933f5-768e-4399-9adb-251271d245e3._msdcs.BEO.IMP dcs3.BEO.IMP as
> > 246933f5-768e-4399-9adb-
> > 251271d245e3._msdcs.BEO.IMP.
> > Looking for DNS entry NS BEO.IMP dcs3.BEO.IMP as BEO.IMP.
> > Looking for DNS entry NS _msdcs.BEO.IMP dcs3.BEO.IMP as
> > _msdcs.BEO.IMP. The DNS entry NS _msdcs.BEO.IMP dcs3.BEO.IMP, queried
> > as _msdcs.BEO.IMP. does not exist
> > need update: NS _msdcs.BEO.IMP dcs3.BEO.IMP
> >
> > .....
> >
> > dns_tkey_gssnegotiate: TKEY is unacceptable
> > Failed nsupdate: 1
> > Failed update of 1 entries
> >
> >
> > I can't understand this message:
> >
> > The DNS entry NS _msdcs.BEO.IMP dcs3.BEO.IMP, queried as
> > _msdcs.BEO.IMP. does not exist
> > need update: NS _msdcs.BEO.IMP dcs3.BEO.IMP
> >
> >
> > On the DC domain controller (Windows Server 2008 R2) there is an
> > entry in DNS - *_msdcs.beo.imp*
> >
> > See attachment "dc-samba-dns002.jpg"
>
> Please post your jpg somewhere and supply a link, this list strips
> attachments.
>
> Also, please do not post twice.
>
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>