similar to: DNS Updates fail with dns_tkey_gssnegotiate: TKEY is unacceptable

I have installed and configured a Samba version 4.9.4 first in forest AD DC on a clean, updated installation of Ubuntu 18.04 running BIND 9.11.3-1ubuntu1.3-Ubuntu ... built by make with ... '--with-gssapi=/usr' ...  '--sysconfdir=/etc' ... '--sysconfdir=/etc/bind' .... I am following the Samba Wiki for guidiance. The installation proceeded without error in all tests until I

I"m seeing this as well, after I updated my CentOS 7 hosts to the latest release. Something seems to have broken! On 10 May 2018 at 17:54, Tom Diehl via samba <samba at lists.samba.org> wrote: > Hi, > > I have 2 self compiled samba 4 DCs running 4.7.7 on Centos 7.5. One of them > is operating normally. On the other DC bind will not start. I turned up > debugging on

Hi, I have 2 self compiled samba 4 DCs running 4.7.7 on Centos 7.5. One of them is operating normally. On the other DC bind will not start. I turned up debugging on dlz_bind as per https://wiki.samba.org/index.php/BIND9_DLZ_DNS_Back_End#Debugging_the_BIND9_DLZ_Module When I try to start named I get the following in the logs: May 10 13:19:44 vdc2 named[23773]: starting BIND

Hum... what are these logs related to GeoIP? Perhaps this answer will be a bit rough... anyway: MS AD is complex. Samba team did a great job to reproduce its behaviour but MS product are not reputed to be too stable, so a work-in-progress reproduction of such tool has few chances to be too stable. DNS is complex by itself, especially when using Bind as backend: Bind can do lot of things related

Hello! After updating (only one dc) for samba 4.5.3 is occurring duplicate zone errors, when I run rndc reload Samba_dlz: Ignoring duplicate zone This replied to all my dcs ... When I run: Samba_dnsupdate --verbose --all-names I get the error Update failed: NOTAUTH .... .... Update failed: NOTAUTH Failed nsupdate: 2 Failed update of 21 entries Like this topic to have reference to this,

Hello. To follow-up this issue, since the upgrade, when i do a named reload it crash, look like there's duplicated zones. Here's the log when i trigger a reload nov 05 03:09:02 data.contoso.com named[2807]: received control channel command 'reload' nov 05 03:09:02 data.contoso.com named[2807]: loading configuration from '/etc/named.conf' nov 05 03:09:02 data.contoso.com

options { listen-on port 53 { 127.0.0.1; 172.17.2.187; }; //listen-on-v6 port 53 { ::1; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; allow-query { localhost; 172.17.0.0/16; }; allow-transfer { localhost;

Using your log parameters, the shutting down message is not showed, but when I reload rndc a get the same effect. Everything is working fine until bond9_dlz needs to reload (and no restart) rndc. When this happens, I need to restart bind and everything works fine again. I'm starting named with named -d 3 -u named and using /var/log/messages. See log using your parameters: # rndc reload

On Mon, 6 Nov 2017 11:39:50 +0100 (CET) Maxence SARTIAUX via samba <samba at lists.samba.org> wrote: > Hello. > > To follow-up this issue, since the upgrade, when i do a named reload > it crash, look like there's duplicated zones. > > Here's the log when i trigger a reload > > > nov 05 03:09:02 data.contoso.com named[2807]: received control >

Hi everyone, unfortunately, I managed to break my Samba AD DC configuration :-( and would like to ask the experts on this list. When restarting my Samba AC DC I noticed, that it didn't come up properly. samba outputs the following lines to /var/log/syslog > Nov 24 12:46:52 addc01 samba[30784]: /usr/sbin/samba_dnsupdate: > RuntimeError: kinit for ADDC01$@MYDOMAIN.LAN failed (Cannot

On 29/12/14 18:20, support at remsnet.de wrote: > Dear Roland, > > and here we have one reasons / prove regarding Debian and current Samba BIND DLZ issues : > http://metadata.ftp-master.debian.org/changelogs//main/b/bind9/bind9_9.8.4.dfsg.P1-6+nmu2+deb7u3_changelog > MSG >> " * disable dlz until we get a patch to make it build again" > > Well Debian

On 29/12/14 17:32, support at remsnet.de wrote: > Dear Rowland , > > Just keep in mind that the Debian RPI maintated by rasperry.org PI fellows and _not_ mainly by the Mainsteam debian > pkg maintainers, and ways behind the main distro - allmost. > >> Even though there is no mention of dlopen, samba_dlz works. >> > yes/no ->> its not displaying the DLZ file

Hallo Rowland If this parameter not for the internal dns? Ok. I changed the parameter. The same problem. The test with the internal dns. It looks good. service sernet-samba-ad stop service bind9 stop change server services = -dns to # server services = -dns samba_upgradedns --dns-backend=SAMBA_INTERNAL service sernet-samba-ad start netstat -tulpen | grep 53 (dns in running) I think i

On 29/12/14 16:25, support at remsnet.de wrote: > Hello , > > review bind9 options ... > >>> Dec 22 12:25:55 verdandi named[18534]: starting BIND 9.9.5-7-Debian -u >>> bind -4 >>> Dec 22 12:25:55 verdandi named[18534]: built with '--prefix=/usr' >>> '--mandir=/usr/share/man' '--infodir=/usr/share/info' >>>

Hello, running on Debian jessie 64bit samba 4.0.8 and bind 9.9 but with the description from https://wiki.samba.org/index.php/Dns-backend_bind I run into the following problem: # named -u bind -g 2>&1 |tee named.log 12-Sep-2013 15:43:07.287 starting BIND 9.9.3-rpz2+rl.13214.22-P2-Debian-1:9.9.3.dfsg.P2-4 -u bind -g 12-Sep-2013 15:43:07.287 built with '--prefix=/usr'

On 29/12/14 09:40, Lars Hanke wrote: > And some more information about this strange effect apparently no-one > has seen before. > > I now added the missing zone: > > samba-tool dns zonecreate verdandi 10.16.172.in-addr.arpa -U > Administrator > > and it claims that the zone is okay, but the next one is missing: > > Dec 29 10:31:12 verdandi named[2601]: Loading

Dear Rowland , Just keep in mind that the Debian RPI maintated by rasperry.org PI fellows and _not_ mainly by the Mainsteam debian pkg maintainers, and ways behind the main distro - allmost. > > Even though there is no mention of dlopen, samba_dlz works. > yes/no ->> its not displaying the DLZ file open <<- and that happen even on my now +1J old samba4.0 RPI samba4 ad.

And some more information about this strange effect apparently no-one has seen before. I now added the missing zone: samba-tool dns zonecreate verdandi 10.16.172.in-addr.arpa -U Administrator and it claims that the zone is okay, but the next one is missing: Dec 29 10:31:12 verdandi named[2601]: Loading 'ad.microsult.de' using driver dlopen Dec 29 10:31:12 verdandi named[2601]:

I dug somewhat deeper into what is going on below and it seems even stranger. The reverse zone without SOA or NS does not even exist: root at verdandi:~# samba-tool dns query localhost 10.16.172.in-addr.arpa @ ALL -U Administrator Password for [AD\Administrator]: ERROR(runtime): uncaught exception - (9714, 'WERR_DNS_ERROR_NAME_DOES_NOT_EXIST') File

Hello We have installed 4 Sernet AD controllers on Debian 8.7 with bind9. If we run ipconfig /registerdns on a windowsclient , an error message is in the logfiles: 31-Mar-2017 11:08:49.270 client 192.168.99.6#50357 (client006.my.domain.de): query: client006.my.domain.de IN SOA + (192.168.99.8) 31-Mar-2017 11:08:49.274 client 192.168.99.6#51046 (client008.my.domain.de): query: