similar to: I can't deny zone transfer when using bind as DNS backend

Displaying 20 results from an estimated 20000 matches similar to: "I can't deny zone transfer when using bind as DNS backend"

2018 Feb 13
2
I can't deny zone transfer when using bind as DNS backend
It doesn't work for me. I put allow-transfer {"none";}; in named.conf.options. Reload the bind9 service.  but I can not avoid the zone transfer to the Active Directory Integrated Zone ! I use Samba 4.7.4 (From Source) and BIND 9.10.3-P4-Debian (Debian 9) This configuration works well on standard zones but not on DLZ (Samba) Zones. El 13/02/18 a las 08:52, L.P.H. van Belle via
2018 Feb 13
1
I can't deny zone transfer when using bind as DNS backend
Well, I'm using Samba 4.7.4 DC and bind 9.10.3 as DNS back end. I have a zone called mydomain.cu into Samba where are placed our workstations and servers records. This is my configuration. I want to prevent zone transfer attacks to this zone by restricting the hosts that could do it. I tried the allow-transfer {"none";}; in the named.conf.options file but It doesn't work.
2019 Jul 22
2
DNS Zone Transfers are Enabled
Hello All, I hope someone might be able to assist me. Env: RHEL 7 Samba 4.10 Bind9 DLZ 9.4 I have tried everything to disable 'DNS Zone Transfers' when using Bind9 DLZ with Samba ADDC. I'm using below line , and I have tried different acl's as well, but nothing seems to work. allow-transfer {"none";}; Can someone please advise on how to disable 'DNS Zone
2019 Jul 22
1
DNS Zone Transfers are Enabled
Thanks Roland, You are correct. Our Bind9 DLZ is version 9.9.4. I'll have to check if I will be able to upgrade to a newer version of Bind, these are on our production servers. On Mon, Jul 22, 2019 at 9:40 AM Rowland penny via samba < samba at lists.samba.org> wrote: > On 22/07/2019 08:24, Eben Victor via samba wrote: > > Hello All, > > > > I hope someone might be
2015 Sep 07
2
Maybe working - Re: BIND DLZ zone transfers
On 07/09/15 21:26, Robert Moskowitz wrote: > Is there some option on the slave to set the frequency of the AXFR? > Say every hour? > > On 09/07/2015 03:45 PM, Lars Hanke wrote: >> Hi Robert, >> >> yes it does work. But the DLZ bind will not notify any slaves, when >> the repository changes. This can be painful, especially for longer >> TTL values.
2015 Sep 07
2
Maybe working - Re: BIND DLZ zone transfers
Hi Robert, yes it does work. But the DLZ bind will not notify any slaves, when the repository changes. This can be painful, especially for longer TTL values. Regards, - lars. Am 07.09.2015 um 20:16 schrieb Robert Moskowitz: > > > On 09/07/2015 12:52 PM, Robert Moskowitz wrote: >> I am looking at: https://wiki.samba.org/index.php/DNS_administration >> >> I am using
2015 Sep 07
5
BIND DLZ zone transfers
I am looking at: https://wiki.samba.org/index.php/DNS_administration I am using bind 9.9 on all my DNS servers. To set up secondarying my Samba DNS zones to my other Bind servers. I come across the following: https://bugzilla.samba.org/show_bug.cgi?id=9634 Is it possible to transfer the DLZ zones now as dates on this bug are 2 years old?
2020 Apr 30
3
bind9 refuses to start -> zone has no NS records
Hi Denis, thanks a lot! > you said that the zone is empty. It is not a problem per se but for some > time Bind-DLZ has been a bit more strict and ask for a NS record for > every zone. So you just have to create a NS field in your zone pointing > to one of your DC and you should be fine. Internal DNS does not have > this requirements. > > samba-tool dns mydc
2019 Feb 26
1
samba internal DNS Zone transfers and notify for slaves?
I was wondering if I can implement slave DNS servers for a samba domain. I would like to setup a slave section on my bind server that gets its information from my samba-ad dns server? Or is my only option at the moment to use bind-dlz with bind on my samba-dc? This page: https://wiki.samba.org/index.php/DNS_Administration says zone transfers is unimplemented but one of the links on there
2020 Apr 30
7
bind9 refuses to start -> zone has no NS records
Hi, I have to add a second DC to a Zone. I use the sernet packages Version 4.11 on a debian 10 host. The bind refuses to start: root at addc-zone02:~# systemctl status bind9 ? bind9.service - BIND Domain Name Server Loaded: loaded (/lib/systemd/system/bind9.service; enabled; vendor preset: enabled) Active: failed (Result: exit-code) since Thu 2020-04-30 14:51:58 EEST; 5s ago Docs:
2017 Dec 04
4
Samba 4.7.2 + bind on Fedora 27: samba_dlz: spnego update failed
Il giorno lun, 04/12/2017 alle 14.48 +0000, Rowland Penny via samba ha scritto: > > > The cure is to STOP your windows clients trying to update their own > records. Yes, this is true, on windows I will stop this service. But my problem now is another The samba command samba_dnsupdate --verbose --all-names --fail-immediately not work It's possible to resolve this
2016 Aug 30
1
DNS zone transfer
Sorry to ask, here Bind is configured to not allow zone transfer except for some IPs. I did tried to transfer AD zone from a machine which is not allowed to transfer zones according to Bind configuration file, and that machine was able to transfer what it should not... Is there other points where Bind configuration file are useless? Is documented somewhere? This to avoid relying on Bind
2024 Nov 06
1
bind DLZ deny/allow list
Hi, starting with Samba-version 4.15 the zone transfer has changed. That's what is written in the releasenote: ---------- Up to now, any client could use a DNS zone transfer request to the bind server, and get an answer from Samba. Now the default behaviour will be to deny those request. Two new options have been added to manage the list of authorized/denied clients for zone transfer
2020 Feb 28
3
Samba Bind DLZ Slow queries
So if this is done, is edns configure also ? ? in resolv.conf add: options edns0 ? and, name.conf test these. ? ??????? //?The forwarded zone to the AD-DC DNS use these also. ????????//dnssec-must-be-secure?internal.domain.tld no; ????????//dnssec-must-be-secure 168.192.in-addr.arpa no; ????????// listen-on-v6 { ::1; };? // test what works best, if not all?ipv6 is disabled also?enable this
2013 Aug 31
1
Where is the DLZ zone file with the bind dns backend?
I'm testing the samba4 with bind. Samba: 4.0.9 Bind: 9.9.3-P2 I configured with the document http://wiki.samba.org/index.php/Dns-backend_bind and seems dns update completed. I trying to find out where is the DLZ zone file. Is there? Or it's just the ldb file?
2020 Apr 05
4
FMSO transfer gone wrong
On 4/5/20 7:14 PM, Rowland penny via samba wrote: > On 05/04/2020 17:47, Arne Zachlod via samba wrote: >> Hello, >> >> I'm currently in the process of updating our Samba environment from >> 4.3 to 4.11. Looks like I did something wrong. Some pointers would be >> much appreciated. >> >> Since I wanted to migrate from Ubuntu to Debian anyway, I
2015 Jan 28
1
[SOLVED] samba_dlz Failed to configure reverse zone
Last month I struggled with a severe DLZ issue and today I could solve it. Credits for the important idea go to Peter Serbe, thanks! I checked the DNS contents using RSAT. There was nothing wrong with SOA nor NS entries, but the reverse zones were actually forward zones with proper names in the in-addr.arpa. domain. I built proper reverse zones and deleted the forward-reverse zones and Bind
2018 Jan 19
2
Where to find out documentation on how does Samba work ?
Hi: I want to find information about how does Samba work as a Domain Controller. I mean, the interaction with kerberos, DNS, bind9 as backend, the process of login from a workstation, etc. Is there a good source of information out there?
2017 May 05
2
Slow file transfer on ADDC mode
Hi Rowland Thank you for your reply, i removed them but nothing changed :(, i also tried to remove others thing like the full_audit module to keep the settings simplest as possible but had no effect, i'll try to build samba with profiling support and debug with some tools like gdb which i don't have much experience but i'll try it. The current Samba versions support the
2015 Sep 08
4
Samba AD DC, DHCP & Address Assignments
Hi All, I should have considered this beforehand... Assumed the info would be in the Wiki somewhere. Cannot find. The way our LAN has been working is clients use DHCP, but all address assignments are static. Thus, when a given PC asks "what's my address?", the DHCP server looks at the MAC address and asks the configured resolver what is the IP address for the hostname for that