similar to: Bind9 issue

Rowland, To answer you first, my "example.com" registered host is a wildcat " *. example.com". Everything example.com returns my external ip address. Both bind9 and samba are running. Might add your "options" but for now, solving my problem, first. Louis, your answer in a few minutes. On Wed, Sep 30, 2020 at 8:09 AM Rowland penny via samba < samba at

Hi Bob, ? Ok, things are looking ok again? dpkg-reconfiure krb5.conf , doesnt do much expect installing and configuringing krb5.conf which basicly only sets the REALM.? "init administrator" will not connect to kerberos? If the DNS isnt running, its unable to resolv the servernames for the REALM. Resulting in, you not able to kinit. ? Greetz, ? Louis ? ? Van: Robert Wooden

On 30/09/2020 13:22, Robert Wooden via samba wrote: > Yesterday I had an issue with Samba v 4.13.0. > > I cannot figure out why bind9 will not "host -t SRV _ldap._ > tcp.ad.dtntwk.work." or "host -t SRV _kerberos._udp.ad.dtntwk.work." > > root at dc1:~# host -t SRV _ldap._tcp.subdom.example.com. Hmm, is 'subdom.example.com' really

Bind_DLZ is not loaded Which makes sence if we see the errors.. Verify if this is loaded.. I have it in named.conf.local // adding the dlopen ( Bind DLZ ) module for samba, beware, if you using bind9.9 then you need to change this manualy include "/var/lib/samba/bind-dns/named.conf"; > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at

On 7/3/2020 10:01 AM, Robert E. Wooden via samba wrote: > On 7/3/2020 9:50 AM, Rowland penny via samba wrote: >> Originally, Samba used /var/lib/samba/private for the dns.keytab and >> other dns files. This was then found to be possibly insecure, so it >> was decided to use /var/lib/samba/bind-dns instead. When you upgrade >> the Samba packages, the old files are not

I am having dns issues on both DC's. root at dc1:~# ./samba-setup-checkup.sh Check hostnames : Ok ./samba-setup-checkup.sh: line 91: [: too many arguments Checking detected host ipnumbers from resolv.conf and default gateway Ping gateway ip : 192.168.0.106 : Ok Warning, no ping to gateway, this might be firewalled. check you internet connection, subdom DNS might need it. ping nameserver1:

Hai Rowland, Yes, agree here, better correct DC1, then join new. So i'll post this, its focused on Debian servers, but usable for any other. I've run the debug on the company AD-DC server here. A good example for an AD-DC setup with Bind9_DLZ. And remember, most is on/from wiki.samba.org Im running this. ( Debian Stretch as AD-DC ) This server started as a wheezy server and is

Hi Rowland, Thank you. I think the 5 zones maybe a parsing issues somewhere. Also, the realms are in capital, must have been a typo. The UFW has been disabled and selinux is in a disbaled state /etc/bind/named.conf.options has options { directory "/var/cache/bind"; // If there is a firewall between you and nameservers you want // to talk to, you may need to

That the script isnt running, shows that whats going wrong.. Your resolving.. And then thats also why your kerberos settings are not working. And, that is what your problem is. Show this: cat /etc/hosts cat /etc/resolv.conf hostname -f hostname -d hostname -s hostname -A hostname -I cat /etc/krb5.conf The bind setup on my Debian (10) Buster AD-DC's with Bind9_dlz About same setup as

On 7/3/2020 9:50 AM, Rowland penny via samba wrote: > I thought I explained that, but lets try again ;-) > > Originally, Samba used /var/lib/samba/private for the dns.keytab and > other dns files. This was then found to be possibly insecure, so it > was decided to use /var/lib/samba/bind-dns instead. When you upgrade > the Samba packages, the old files are not removed, but the

So I had dhcp, radvd and bind working together nicely and now I threw in a wrench of setting up an AD DC I want to change my dhcp server setting to put client's into the new AD Domain but am a little hesitant as it is all working so nicely with DDNS I'm starting to think all I need to do is edit just my dhcpd.conf and change occurrences of DOMAIN1.SUBDOMAIN.TLD to

Hai Bob, Try this. First flush cache. net cache flush getent passwd username id username And run this one again for me: https://raw.githubusercontent.com/thctlo/samba4/master/samba-collect-debug-info.sh Reply might be bit later on, im running around here. Greetz, Louis > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens Bob

Hi all, I'm simply overwhelmed with both the speed and quality of responses. I wish all mailing lists and forums were like this! I'm going to follow your suggestions and try to follow the template below. My choice of new DC will probably be 4.9.5 on buster. What steps would you recommend to unlink my broken 4.0.9 -> 4.5.16 replication before shutting down 4.5.16? Is it sufficient

I had left my config alone for now and dhcp still writes to DOMAIN1.SUBDOMAIN.TLD. But samba has been complaining about not being able to write to bind in its zone. [2016/05/27 07:30:06.738434, 0] ../source4/dsdb/dns/dns_update.c:295(dnsupdate_nameupdate_done) ../source4/dsdb/dns/dns_update.c:295: Failed DNS update - NT_STATUS_UNSUCCESSFUL If you are right about it using kerberos I think I am

https://wiki.samba.org/index.php/Configure_BIND_as_backend_for_Samba_AD helped me find that I needed to add options { [...] tkey-gssapi-keytab "/usr/local/samba/private/dns.keytab"; [...] }; That seems to have fixed my errors with DNS On Fri, May 27, 2016 at 9:26 AM, Rowland penny <rpenny at samba.org> wrote: > On 27/05/16 14:37, Jeff Sadowski wrote: >

Am 12.03.2019 um 10:16 schrieb Rowland Penny via samba: > On Tue, 12 Mar 2019 01:47:53 +0100 > Christian via samba <samba at lists.samba.org> wrote: > >> Am 11.03.2019 um 09:24 schrieb Rowland Penny via samba: >>> On Mon, 11 Mar 2019 07:16:30 +0100 >>> Christian via samba <samba at lists.samba.org> wrote: >>> >>>> Dear all,

On Fri, May 27, 2016 at 10:23 AM, Rowland penny <rpenny at samba.org> wrote: > On 27/05/16 17:11, Jeff Sadowski wrote: > >> https://wiki.samba.org/index.php/Configure_BIND_as_backend_for_Samba_AD >> helped me find that I needed to add >> >> options { >> [...] >> tkey-gssapi-keytab "/usr/local/samba/private/dns.keytab"; >>

Set auth-nxdomain yes; And stop/start bind9 Other source : https://blogs.technet.microsoft.com/teamdhcp/2015/09/10/a-description-of-the-dns-dynamic-update-message-format/ /snap The DNS Client and Server services support the use of dynamic updates, as described in Request for Comments (RFC) 2136, "Dynamic Updates in the Domain Name System." The DNS Server service allows dynamic

I am reading: https://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-bind-rndc.html I have bind installed and default config running. I have not applied my customizations yet. The first step I am taking is getting rndc.key created. So reading the guide I am trying to run (while logged in as root, and in /etc): dnssec-keygen -a hmac-md5 -b 256 -n HOST rndc.key The system is just

I've been working on setting up the Sernet 4.1x series samba builds for Centos 6. Provisioned via sudo /usr/bin/samba-tool domain provision --use-rfc2307 -interactive With the goal of providing authentication, user and group management with file and print services to Widows 7/8 clients, & authentication user and group management for Linux system users. The question is around my confusion