samba - Nov 2024 - update the dns via samba-tool but it doesn't allow it.

I want to update the dns via samba-tool but it doesn't allow it.


Calling samba-tool dns add --use-kerberos off -P ['192.168.1.14',
'cuba.cu',
'_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones',
'SRV', '
ms.cuba.cu 389 0 100']

ERROR: Connecting to DNS RPC server 192.168.1.14 failed with (3221226038,
'The transport-connection attempt was refused by the remote system.')
Failed 'samba-tool dns' based update of SRV
_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.cuba.cu ms.cuba.cu
389
Failed update of 29 entries

How to fix that?

On Wed, 27 Nov 2024 09:06:10 -0500
Leo C via samba <samba at lists.samba.org> wrote:
> I want to update the dns via samba-tool but it doesn't allow it.
> 
> 
> Calling samba-tool dns add --use-kerberos off -P ['192.168.1.14',
> 'cuba.cu',
> '_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones',
'SRV', '
> ms.cuba.cu 389 0 100']
> 
> ERROR: Connecting to DNS RPC server 192.168.1.14 failed with
> (3221226038, 'The transport-connection attempt was refused by the
> remote system.') Failed 'samba-tool dns' based update of SRV
> _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.cuba.cu
> ms.cuba.cu 389
> Failed update of 29 entries
> 
> How to fix that?
That looks suspiciously like this entry '${IF_DNS_FOREST}SRV
_ldap._tcp.${SITE}._sites.ForestDnsZones.${DNSFOREST} ${HOSTNAME} 389'
from the 'dns_update_list' that samba_dnsupdate uses to create the
required DC dns records.

What is your real problem ?
Does the record actually exist ?
Does this produce output when run on a Samba AD DC:

sudo ldbsearch --cross-ncs --show-binary -P -H
/var/lib/samba/private/sam.ldb -b 'dc=cuba,dc=cu' -s sub
'(name=_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones)'

Rowland