Displaying 20 results from an estimated 1000 matches similar to: "Samba 4.8.4 + BIND 9.9.4 - possibility of nonsecure DNS updates"
2018 Aug 24
0
Samba 4.8.4 + BIND 9.9.4 - possibility of nonsecure DNS updates
Hello, everyone.
To recapitulate the results of our research:
1) I can confirm Samba 4.8 and Bind 9.9.4 (distribution package) on CentOS 7 (tested od 7.5) work even with dynamic DNS updates without any additional fixes or need to recompile Bind package.
I think it will work also on other RHEL 7 clones, so we should update Wiki page:
2018 Aug 21
0
Samba 4.8.4 + BIND 9.9.4 - possibility of nonsecure DNS updates
; TSIG error with server: tsig verify failure
Mayabe update/setup your TSIG key.
https://access.redhat.com/documentation/en-us/openshift_enterprise/2/html/puppet_deployment_guide/generating_a_bind_tsig_key
Im also wondering why RH is using : '--disable-isc-spnego'
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org]
2018 Aug 21
3
Samba 4.8.4 + BIND 9.9.4 - possibility of nonsecure DNS updates
> So you never read this:
> https://wiki.samba.org/index.php/Changing_the_DNS_Back_End_of_a_Samba_AD_DC
> Which means that you probably never ran the aptly named
> 'samba_upgradedns'Of course I ran this. Many times. I'm not stupid, Rowland. At least I can read:D
If I've seen that Bind doesn't work, I had to change backend to internal DNS.I carefully read and made
2018 Aug 21
1
Samba 4.8.4 + BIND 9.9.4 - possibility of nonsecure DNS updates
On Tue, 21 Aug 2018 16:50:19 +0200
"L.P.H. van Belle via samba" <samba at lists.samba.org> wrote:
>
> ; TSIG error with server: tsig verify failure
>
> Mayabe update/setup your TSIG key.
> https://access.redhat.com/documentation/en-us/openshift_enterprise/2/html/puppet_deployment_guide/generating_a_bind_tsig_key
>
> Im also wondering why RH is using :
2018 Aug 22
1
Samba 4.8.4 + BIND 9.9.4 - possibility of nonsecure DNS updates
Hello, guys.
First of all, I would like to thank you all for the time you spend with solving my problem. I appreciate that very much. Especially Rowland. You make great job every day here on lists.
Louis:
> ; TSIG error with server: tsig verify failure
>
> Mayabe update/setup your TSIG key.
>
2018 Aug 21
1
Samba 4.8.4 + BIND 9.9.4 - possibility of nonsecure DNS updates
> There doesn't seem anything wrong there, the only comment I would make,
> is '/var/lib/samba/bind-dns/named.conf' pointing to the correct version
> of named ?
Yes
cat /var/lib/samba/bind-dns/named.conf
dlz "AD DNS Zone" {
# For BIND 9.8.x
# database "dlopen /usr/lib64/samba/bind9/dlz_bind9.so";
# For BIND 9.9.x
database "dlopen
2018 Aug 21
1
Samba 4.8.4 + BIND 9.9.4 - possibility of nonsecure DNS updates
Hello everyone.
In our company we use Samba 4 for about 3 years (classic upgraded from
Samba 3.5 + LDAP to Sernet Samba 4.2). We used CentOS 6 for domain
controllers and with Bind bundled in this distro was impossible to use
dynamic DNS updates. And because I don't like using compiled SW on
production servers, we used Samba internal DNS, which worked well
(dynamic updates).
With one non
2018 Aug 22
0
Samba 4.8.4 + BIND 9.9.4 - possibility of nonsecure DNS updates
I just tested samba_dnsupdate --verbose --all-names on our test domain.
Samba 4.8.2 from Tranquil IT on CentOS 7 and its Bind 9.9.4.
And it just work.
But with Internal DNS it threw ; TSIG error with server: tsig verify
failure and Failed nsupdate: 2, same as in production domain.
So you are right, Rowland, it's problem with Bind - Samba
communication. But I don't know, why in test
2018 Aug 21
1
Samba 4.8.4 + BIND 9.9.4 - possibility of nonsecure DNS updates
> It should work ;-)
> Can you post your smb.conf and /etc/named.conf files
> Rowland
Hello Rowland. Of course I can:
cat /etc/samba/smb.conf
# Global parameters
[global]
workgroup = SVMETAL
realm = samdom.svmetal.cz
netbios name = DC01
server services = -dns
server role = active directory domain controller
idmap_ldb:use rfc2307 = yes
allow dns updates =
2018 Aug 22
0
Samba 4.8.4 + BIND 9.9.4 - possibility of nonsecure DNS updates
> Yes, it is a failure, but a failure of the script, it shouldn't print
> all those Python errors, it should print something like 'No update
> required' for each attempted update and then 'No updates required'
Yes, I understand. samba_dnsupdate --verbose --all-names --use-samba-tool gave reasonable output. But samba_dnsupdate --verbose --all-names only just throws
;
2016 Apr 12
2
Failed to re-index objectSid after botched DLZ back-end update
Alright, I'm taking the plunge: We're switching our three AD DCs from Samba internal to BIND_DLZ back end.
I needed a version of BIND with DLZ, as it appears support for that is not so ubiquitous.
I went here first: https://wiki.samba.org/index.php/Using_BIND_DLZ_backend_with_secured_/_signed_DNS_updates
We use Ubuntu 14.04 here, and the Debian/Ubuntu instructions fail on apt-get
2018 Jul 02
2
client @0x7f6ed800bc20 172.16.5.86#62582: update 'campus.company.intra/IN' denied
Hello,
The error described in the email title happens in version 9.10 of the bind
that I have installed in our main DC. In face of that, I found the samba
wiki article that talks about this problem.
https://wiki.samba.org/index.php/Using_BIND_DLZ_backend_with_secured_/_signed_DNS_updates
I made a new installation via source with the suggested options:
root at dc3:~# fakeroot ./configure
2018 Jul 02
0
client @0x7f6ed800bc20 172.16.5.86#62582: update 'campus.company.intra/IN' denied
On Mon, 2 Jul 2018 10:27:58 -0300
Elias Pereira via samba <samba at lists.samba.org> wrote:
> Hello,
>
> The error described in the email title happens in version 9.10 of the
> bind that I have installed in our main DC. In face of that, I found
> the samba wiki article that talks about this problem.
>
2018 Oct 31
0
Internal DNS migrate to Bind9_DLZ
On Wed, 31 Oct 2018 18:36:52 +0200
Eben Victor <eben.victor at gmail.com> wrote:
> Hello Rowland,
>
> I have already checked and the DN's are in AD, see attached.
>
> SOA:
> <domain>.corp. 3600 IN SOA psad102zadprh.<domain>.corp. .
> 9766 3600 600 86400 3600
>
> See below NS, but the 1st NS (zatprdc001) doesn't exsit, and I
2018 Oct 31
0
Internal DNS migrate to Bind9_DLZ
On Wed, 31 Oct 2018 23:34:38 +0200
Eben Victor <eben.victor at gmail.com> wrote:
> Hi Rowland,
>
> I didn't build samba, I'm running the sernet packages,
> # rpm -qa | grep sernet
> sernet-samba-libsmbclient0-4.8.6-16.el7.x86_64
> sernet-samba-ad-4.8.6-16.el7.x86_64
> sernet-samba-libs-4.8.6-16.el7.x86_64
> sernet-samba-client-4.8.6-16.el7.x86_64
>
2018 Oct 31
3
Internal DNS migrate to Bind9_DLZ
Hi Rowland,
I didn't build samba, I'm running the sernet packages,
# rpm -qa | grep sernet
sernet-samba-libsmbclient0-4.8.6-16.el7.x86_64
sernet-samba-ad-4.8.6-16.el7.x86_64
sernet-samba-libs-4.8.6-16.el7.x86_64
sernet-samba-client-4.8.6-16.el7.x86_64
sernet-samba-winbind-4.8.6-16.el7.x86_64
sernet-samba-common-4.8.6-16.el7.x86_64
sernet-samba-4.8.6-16.el7.x86_64
I don't mind having
2018 Jul 02
2
client @0x7f6ed800bc20 172.16.5.86#62582: update 'campus.company.intra/IN' denied
>
> Hmm, bind 9.12.x isn't supported yet.
He works with "dlopen
/usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_11.so" without problems, at
first.
include "/etc/bind/rndc.key";
> controls {
> inet 127.0.0.1 allow { localhost; } keys { rndc-key;};
> };
> You do not need the four lines above
Ok, but if I leave it, does not have problems
2008 Mar 19
4
R GUI question
Hi.
I'm looking to create a user-friendly program built around some R methods
I've written. The program should be as easy to install and use as possible
and will be built around a GUI. This program will be cross-platform; that's
crucial.
I'm familiar with Java and its GUI packages, I've been looking at the JRI
package (interfaces R with Java) but I'm a little uneasy about
2011 Aug 09
1
simple plot question
Hi,
please excuse the most likely very trivial question, but I'm having no idea
where to find related information:
I try to recapitulate very simple plotting behavior of Excel within R but
have no clue how to get where I want.
I have tab delimited data like
cell treatment value
line a treat1 4
line a treat2 3
line b treat1 8
line b treat2 11
I'd like to have a plot (barplot), that
2010 Feb 14
2
paperclip is making me crazy
seems pretty simple, my model...
has_attached_file :pic_1, :styles => { :thumb => "120x90" },
:url => "/:attachment/:id_:style.:extension",
:path => ":rails_root/public/system/:attachment/:id_:style.:extension"
my view...
<% form_tag(:action => ''create'', :html => { :multipart => true }) do -%>
<label