Hi Amitay I think you may be getting mixed up between my issues with upgrading and the original poster's (Jeremy/jdfire) issue with a new provision :)
The messages from the logs are all from Jeremy. It's a new provision, so there's no "migration" unless I'm missing something. My issues with upgradeprovision etc. are unrelated to Jeremy's issue. I just mentioned that I hadn't tested the DLZ module yet because I was still running an old provision from before the DLZ module existed. On 22 February 2012 10:24, Amitay Isaacs <[email protected]> wrote: > HI Michael, > > On Wed, Feb 22, 2012 at 7:06 PM, Michael Wood <[email protected]> wrote: >> Hi >> >> On 22 February 2012 01:46, <[email protected]> wrote: >>>> The default DNS backend has changed to BIND9_DLZ. This means the DNS >>>> records are stored in Samba4's AD tree instead of in a normal zone >>>> file. >> [...] >>>> If you're just starting out, you might want to try the DLZ backend. >>> >>> Thank you for your help! I was able to get a new Bind version to somewhat >>> work. I was able to join an XP machine to the domain but DNS seems to not >>> be updating correctly. Below you will find the logs that I am seeing. >> >> I don't know what would cause that, but you could try increasing the >> debug level (e.g. samba -d10 -i -M single) to see if it gives you more >> details about the issue. Increasing bind9's debug level might help >> too. >> >> Also, you might want to discuss this on samba-technical. I've copied >> my reply there. Since Samba 4 is still in alpha, the HOWTO says to >> discuss successes/failures on samba-technical. >> >>> /var/log/messages: >>> >>> >>> Feb 21 16:39:39 davis named[1163]: validating @0x24c0d30: com SOA: no >>> valid signature found >>> Feb 21 16:39:39 davis named[1163]: validating @0x220f220: com SOA: no >>> valid signature found >>> Feb 21 16:39:39 davis named[1163]: validating @0x220f220: >>> CK0POJMG874LJREF7EFN8430QVIT8BSM.com NSEC3: no valid signature found >>> Feb 21 16:39:39 davis named[1163]: validating @0x24c0d30: >>> CK0POJMG874LJREF7EFN8430QVIT8BSM.com NSEC3: no valid signature found >>> Feb 21 16:39:39 davis named[1163]: validating @0x198b010: >>> A2MEHD73GB2UACB908FCH30EPFLFHMH7.com NSEC3: no valid signature found >>> Feb 21 16:39:39 davis named[1163]: validating @0x24c0d30: >>> A2MEHD73GB2UACB908FCH30EPFLFHMH7.com NSEC3: no valid signature found >>> Feb 21 16:39:40 davis named[1163]: validating @0x24c0d30: >>> 3RL0HJSI26SCTO21AV9TVIGIPUVPJAI1.com NSEC3: no valid signature found >>> Feb 21 16:39:40 davis named[1163]: validating @0x198b010: >>> 3RL0HJSI26SCTO21AV9TVIGIPUVPJAI1.com NSEC3: no valid signature found > > These messages are from DNSSEC and are not really from dlz_bind9 module. > Can you check if you have any lines in the log with prefix samba_dlz? > >>> samba output in single mode: >>> >>> >>> samba -i -M single >>> samba version 4.0.0alpha18-GIT-89586ed started. >>> Copyright Andrew Tridgell and the Samba Team 1992-2012 >>> samba: using 'single' process model >>> ../source4/dsdb/dns/dns_update.c:294: Failed DNS update - >>> NT_STATUS_UNSUCCESSFUL >>> >>> >>> Any ideas as to what that could me? Thank you for your time and have a >>> great day! > > To check if dynamic dns is working, you can try to run samba_dnsupdate > script manually. > Make sure bind9 and samba are running and then > > # samba_dnsupdate --verbose > > This will try to dynamically update various names in the zone. And > check the logs for > messages from dlz_bind9 module. The stuff below about DNS migration is not relevant for Jeremy's problem, I don't think. Right? > Just to make sure that the DNS migration has completed correctly, can > you post the output of > following commands: > > # ldbsearch -H /path/to/sam.ldb -b "DC=DomainDnsZones,DC...." > "(name=@)" --show-binary > # ldbsearch -H /path/to/sam.ldb -b "DC=ForestDnsZones,DC=...." > "(name=@)" --show-binary > > There was an issue previously with migration that @ records were not > populated correctly. > > Amitay. -- Michael Wood <[email protected]> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
