Re: [Samba] Samba4/Windows DNS replication and administration issue
On Thu, 2013-09-05 at 20:39 -0700, Pete Storkey wrote: I have tried manually recreating dns.keytab: # samba-tool domain exportkeytab --principal=DNS/server.domain.com /var/lib/samba/private/dns.keytab # samba-tool domain exportkeytab --principal=DNS/windowsserver.domain.com /var/lib/samba/private/dns.keytab That syntax seems wrong. # samba-tool domain exportkeytab /path/to/dns.keytab --principal=server1.your.domain The contents of dns.keytab are as follows: # ktutil ktutil: read_kt /var/lib/samba/private/dns.keytab ktutil: list slot KVNO Principal - 11 DNS/server.domain@domain.com 21 DNS/server.domain@domain.com 31 DNS/server.domain@domain.com 4 31 DNS/windowsserver.domain@domain.com 5 31 DNS/windowsserver.domain@domain.com 6 31 DNS/windowsserver.domain@domain.com 7 31 DNS/windowsserver.domain@domain.com The problem persists after recreating dns.keytab and restarting Samba and Bind daemons. Is this the correct way to generate the dns.keytab? Is there anything I'm missing? Maybe you didn't recreate the keytab? Look for the timestamp: klist -kte /path/to/dns.keytab The only difference I can see with our keytab is that we have: DNS/fqdn@REALM and short-hostname@REALM Maybe this isn't a keytab issue? HTH Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4/Windows DNS replication and administration issue
t looks as though I have a bad key in my dns.keytab. I see the following messages in /var/named/data/named.run: process_gsstkey(): dns_tsigerror_badkey If I manually trigger replication from the Linux/samba server, I see denied messages for dynamic dns updates coming from the windows server in /var/log/messages: # samba-tool drs replicate server.domain.com windowsserver.domain.com dc=domain,dc=com named[24467]: samba_dlz: starting transaction on zone _msdcs.domain.com named[24467]: client 192.168.0.2#62937: update '_msdcs.domain.com/IN' denied named[24467]: samba_dlz: cancelling transaction on zone _msdcs.domain.com If I manually trigger replication from the Windows server via Active Directory Sites and Services, I get an error dialog about DomainDnsZones.domain.com naming context in the process of being removed or is not replicated from the specified server. named.conf has the following line: tkey-gssapi-keytab /var/lib/samba/private/dns.keytab; I have tried manually recreating dns.keytab: # samba-tool domain exportkeytab --principal=DNS/server.domain.com /var/lib/samba/private/dns.keytab # samba-tool domain exportkeytab --principal=DNS/windowsserver.domain.com /var/lib/samba/private/dns.keytab The contents of dns.keytab are as follows: # ktutil ktutil: read_kt /var/lib/samba/private/dns.keytab ktutil: list slot KVNO Principal - 11 DNS/server.domain@domain.com 21 DNS/server.domain@domain.com 31 DNS/server.domain@domain.com 4 31 DNS/windowsserver.domain@domain.com 5 31 DNS/windowsserver.domain@domain.com 6 31 DNS/windowsserver.domain@domain.com 7 31 DNS/windowsserver.domain@domain.com The problem persists after recreating dns.keytab and restarting Samba and Bind daemons. Is this the correct way to generate the dns.keytab? Is there anything I'm missing? Thanks, Pete On Sep 1, 2013, at 4:14 PM, Pete Storkey pstor...@shaw.ca wrote: Hi all, I am having trouble with DNS replication between a Linux/Samba 4.0.9 box and Windows Server 2012 domain controller, as well as administering the Linux DNS from the Windows DNS Manager snap-in. First a little background. I am trying to integrate a Samba 4.0.9 server as a domain controller in an existing Windows Active Directory domain. The domain and forest are at Windows 2008R2 functional level with a single domain controller which was upgraded from Windows Server 2008 R2 to Windows Server 2012. I am running CentOS 6.4 x64, patched to current levels. I downloaded and installed the Sernet binaries for Samba 4.0.9 but ran into problems joining the domain. It failed with the following error: ERROR: no subClassOf 'top' for 'samDomain' I found a bug report for this error at https://bugzilla.samba.org/show_bug.cgi?id=8680 and rebuilt the Sernet RPMs with the patches implemented. This time I was able to successfully join the domain. Replication seems to be working but I do get a warning from samba-tool drs showrepl: KCC CONNECTION OBJECTS Connection -- Connection name: 3c20a62a-ad94-40ef-b346-ba8b15f829f8 Enabled: TRUE Server DNS name : server.example.com Server DN name : CN=NTDS Settings,CN=server,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=example,DC=com TransportType: RPC options: 0x0001 Warning: No NC replicated for Connection! The inbound and outbound neighbors all appear to be ok. I started out with internal DNS but when I was unable to get it working correctly, I switched to bind (Centos package bind-9.8.2-0.17.rc1.el6_4.6.x86_64). The problem is that when I try to administer DNS through the Windows DNS Manager snap-in, my forward domain fails to load, with an error indicating zone data may be corrupt (it opens fine on the Windows DNS server). Additionally, my reverse zone does not appear to have replicated to the Linux server. When I click on the forward zone in DNS Manager, I see the following in /var/log/messages: smbd[24043]: [2013/09/01 15:30:21.091035, 0] ../source3/rpc_server/svcctl/srv_svcctl_nt.c:326(_svcctl_OpenServiceW) smbd[24043]: _svcctl_OpenServiceW: Failed to get a valid security descriptorfree_pipe_context: destroying talloc pool of size 275 samba[19596]: [2013/09/01 15:30:25.505483, 0] ../source4/rpc_server/dnsserver/dcerpc_dnsserver.c:1068(dnsserver_query_zone) samba[19596]: dnsserver: Invalid zone operation IsSigneddnsserver: Invalid zone operation IsSigneddnsserver: Invalid zone operation IsSigneddnsserver: Found Unhandled DNS record type=49dnsserver: Found Unhandled DNS record type=49dnsserver: Found Unhandled DNS record type=49dnsserver: Found Unhandled DNS record type=49ndr_push_error(2): Bad switch value 49 at default/librpc/gen_ndr/ndr_dnsserver.c:544 samba[19596]:
[Samba] Samba4/Windows DNS replication and administration issue
Hi all, I am having trouble with DNS replication between a Linux/Samba 4.0.9 box and Windows Server 2012 domain controller, as well as administering the Linux DNS from the Windows DNS Manager snap-in. First a little background. I am trying to integrate a Samba 4.0.9 server as a domain controller in an existing Windows Active Directory domain. The domain and forest are at Windows 2008R2 functional level with a single domain controller which was upgraded from Windows Server 2008 R2 to Windows Server 2012. I am running CentOS 6.4 x64, patched to current levels. I downloaded and installed the Sernet binaries for Samba 4.0.9 but ran into problems joining the domain. It failed with the following error: ERROR: no subClassOf 'top' for 'samDomain' I found a bug report for this error at https://bugzilla.samba.org/show_bug.cgi?id=8680 and rebuilt the Sernet RPMs with the patches implemented. This time I was able to successfully join the domain. Replication seems to be working but I do get a warning from samba-tool drs showrepl: KCC CONNECTION OBJECTS Connection -- Connection name: 3c20a62a-ad94-40ef-b346-ba8b15f829f8 Enabled: TRUE Server DNS name : server.example.com Server DN name : CN=NTDS Settings,CN=server,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=example,DC=com TransportType: RPC options: 0x0001 Warning: No NC replicated for Connection! The inbound and outbound neighbors all appear to be ok. I started out with internal DNS but when I was unable to get it working correctly, I switched to bind (Centos package bind-9.8.2-0.17.rc1.el6_4.6.x86_64). The problem is that when I try to administer DNS through the Windows DNS Manager snap-in, my forward domain fails to load, with an error indicating zone data may be corrupt (it opens fine on the Windows DNS server). Additionally, my reverse zone does not appear to have replicated to the Linux server. When I click on the forward zone in DNS Manager, I see the following in /var/log/messages: smbd[24043]: [2013/09/01 15:30:21.091035, 0] ../source3/rpc_server/svcctl/srv_svcctl_nt.c:326(_svcctl_OpenServiceW) smbd[24043]: _svcctl_OpenServiceW: Failed to get a valid security descriptorfree_pipe_context: destroying talloc pool of size 275 samba[19596]: [2013/09/01 15:30:25.505483, 0] ../source4/rpc_server/dnsserver/dcerpc_dnsserver.c:1068(dnsserver_query_zone) samba[19596]: dnsserver: Invalid zone operation IsSigneddnsserver: Invalid zone operation IsSigneddnsserver: Invalid zone operation IsSigneddnsserver: Found Unhandled DNS record type=49dnsserver: Found Unhandled DNS record type=49dnsserver: Found Unhandled DNS record type=49dnsserver: Found Unhandled DNS record type=49ndr_push_error(2): Bad switch value 49 at default/librpc/gen_ndr/ndr_dnsserver.c:544 samba[19596]: [2013/09/01 15:30:26.272723, 0] ../source4/rpc_server/dnsserver/dnsdata.c:354(dnsp_to_dns_copy) samba[19596]: dnsserver: Found Unhandled DNS record type=49dnsserver: Found Unhandled DNS record type=49dnsserver: Found Unhandled DNS record type=49dnsserver: Found Unhandled DNS record type=49ndr_push_error(2): Bad switch value 49 at default/librpc/gen_ndr/ndr_dnsserver.c:544 Querying DNS via nslookup/dig/host works fine but querying through samba-tool gives an error: # samba-tool dns query server.domain.com domain.com @ ALL GENSEC backend 'gssapi_spnego' registered GENSEC backend 'gssapi_krb5' registered GENSEC backend 'gssapi_krb5_sasl' registered GENSEC backend 'sasl-DIGEST-MD5' registered GENSEC backend 'schannel' registered GENSEC backend 'spnego' registered GENSEC backend 'ntlmssp' registered GENSEC backend 'krb5' registered GENSEC backend 'fake_gssapi_krb5' registered Using binding ncacn_ip_tcp:server.example.com[,sign] ERROR(runtime): uncaught exception - (-1073545204, 'NT_STATUS_RPC_BAD_STUB_DATA') File /usr/lib64/python2.6/site-packages/samba/netcmd/__init__.py, line 175, in _run return self.run(*args, **kwargs) File /usr/lib64/python2.6/site-packages/samba/netcmd/dns.py, line 974, in run None, record_type, select_flags, None, None) and I see the following in /var/log/messages: samba[19596]: [2013/09/01 15:31:55.207112, 0] ../source4/rpc_server/dnsserver/dnsdata.c:354(dnsp_to_dns_copy) samba[19596]: dnsserver: Found Unhandled DNS record type=49dnsserver: Found Unhandled DNS record type=49dnsserver: Found Unhandled DNS record type=49dnsserver: Found Unhandled DNS record type=49ndr_push_error(2): Bad switch value 49 at default/librpc/gen_ndr/ndr_dnsserver.c:544 Any help would be much appreciated. Thanks, Pete -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4/Windows DNS replication and administration issue
Hi all, I am having trouble with DNS replication between a Linux/Samba 4.0.9 box and Windows Server 2012 domain controller, as well as administering the Linux DNS from the Windows DNS Manager snap-in. First a little background. I am trying to integrate a Samba 4.0.9 server as a domain controller in an existing Windows Active Directory domain. The domain and forest are at Windows 2008R2 functional level with a single domain controller which was upgraded from Windows Server 2008 R2 to Windows Server 2012. I am running CentOS 6.4 x64, patched to current levels. I downloaded and installed the Sernet binaries for Samba 4.0.9 but ran into problems joining the domain. It failed with the following error: ERROR: no subClassOf 'top' for 'samDomain' I found a bug report for this error at https://bugzilla.samba.org/show_bug.cgi?id=8680 and rebuilt the Sernet RPMs with the patches implemented. This time I was able to successfully join the domain. Replication seems to be working but I do get a warning from samba-tool drs showrepl: KCC CONNECTION OBJECTS Connection -- Connection name: 3c20a62a-ad94-40ef-b346-ba8b15f829f8 Enabled: TRUE Server DNS name : server.example.com Server DN name : CN=NTDS Settings,CN=server,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=example,DC=com TransportType: RPC options: 0x0001 Warning: No NC replicated for Connection! The inbound and outbound neighbors all appear to be ok. I started out with internal DNS but when I was unable to get it working correctly, I switched to bind (Centos package bind-9.8.2-0.17.rc1.el6_4.6.x86_64). The problem is that when I try to administer DNS through the Windows DNS Manager snap-in, my forward domain fails to load, with an error indicating zone data may be corrupt (it opens fine on the Windows DNS server). Additionally, my reverse zone does not appear to have replicated to the Linux server. When I click on the forward zone in DNS Manager, I see the following in /var/log/messages: smbd[24043]: [2013/09/01 15:30:21.091035, 0] ../source3/rpc_server/svcctl/srv_svcctl_nt.c:326(_svcctl_OpenServiceW) smbd[24043]: _svcctl_OpenServiceW: Failed to get a valid security descriptorfree_pipe_context: destroying talloc pool of size 275 samba[19596]: [2013/09/01 15:30:25.505483, 0] ../source4/rpc_server/dnsserver/dcerpc_dnsserver.c:1068(dnsserver_query_zone) samba[19596]: dnsserver: Invalid zone operation IsSigneddnsserver: Invalid zone operation IsSigneddnsserver: Invalid zone operation IsSigneddnsserver: Found Unhandled DNS record type=49dnsserver: Found Unhandled DNS record type=49dnsserver: Found Unhandled DNS record type=49dnsserver: Found Unhandled DNS record type=49ndr_push_error(2): Bad switch value 49 at default/librpc/gen_ndr/ndr_dnsserver.c:544 samba[19596]: [2013/09/01 15:30:26.272723, 0] ../source4/rpc_server/dnsserver/dnsdata.c:354(dnsp_to_dns_copy) samba[19596]: dnsserver: Found Unhandled DNS record type=49dnsserver: Found Unhandled DNS record type=49dnsserver: Found Unhandled DNS record type=49dnsserver: Found Unhandled DNS record type=49ndr_push_error(2): Bad switch value 49 at default/librpc/gen_ndr/ndr_dnsserver.c:544 Querying DNS via nslookup/dig/host works fine but querying through samba-tool gives an error: # samba-tool dns query server.domain.com domain.com @ ALL GENSEC backend 'gssapi_spnego' registered GENSEC backend 'gssapi_krb5' registered GENSEC backend 'gssapi_krb5_sasl' registered GENSEC backend 'sasl-DIGEST-MD5' registered GENSEC backend 'schannel' registered GENSEC backend 'spnego' registered GENSEC backend 'ntlmssp' registered GENSEC backend 'krb5' registered GENSEC backend 'fake_gssapi_krb5' registered Using binding ncacn_ip_tcp:server.example.com[,sign] ERROR(runtime): uncaught exception - (-1073545204, 'NT_STATUS_RPC_BAD_STUB_DATA') File /usr/lib64/python2.6/site-packages/samba/netcmd/__init__.py, line 175, in _run return self.run(*args, **kwargs) File /usr/lib64/python2.6/site-packages/samba/netcmd/dns.py, line 974, in run None, record_type, select_flags, None, None) and I see the following in /var/log/messages: samba[19596]: [2013/09/01 15:31:55.207112, 0] ../source4/rpc_server/dnsserver/dnsdata.c:354(dnsp_to_dns_copy) samba[19596]: dnsserver: Found Unhandled DNS record type=49dnsserver: Found Unhandled DNS record type=49dnsserver: Found Unhandled DNS record type=49dnsserver: Found Unhandled DNS record type=49ndr_push_error(2): Bad switch value 49 at default/librpc/gen_ndr/ndr_dnsserver.c:544 Any help would be much appreciated. Thanks, Pete -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4: Internal DNS doesn't forward
Hello, I've installed samba 4.0.9 on opensuse 12.2 with server role = active directory domain controller. I've configured internal Samba DNS (192.168.0.3) and dns forwarder (192.168.0.2) on domain provision. If I query a local LAN server hostname, the query will be forwarded but not answered. The reverse lookup works. Quey: samba-server:/ # nslookup depotserver Server: 192.168.0.3 Address:192.168.0.3#53 Non-authoritative answer: *** Can't find depotserver: No answer Samba-Log: [2013/08/23 16:52:12.027457, 2] ../source4/dns_server/dns_query.c:624(dns_server_process_query_send) Not authoritative for 'depotserver', forwarding Reverse query: samba-server:/ # nslookup 192.168.0.5 Server: 192.168.0.3 Address:192.168.0.3#53 Non-authoritative answer: 5.0.168.192.in-addr.arpaname = depotserver.aximo-gtp.local. Authoritative answers can be found from: 0.168.192.in-addr.arpa nameserver = ns.aximo-gtp.local. Samba-Log: [2013/08/23 16:53:13.192980, 2] ../source4/dns_server/dns_query.c:624(dns_server_process_query_send) Not authoritative for '5.0.168.192.in-addr.arpa', forwarding I can query another DNS server directly: samba-server:/ # nslookup depotserver 192.168.0.2 Server: 192.168.0.2 Address:192.168.0.2#53 Name: depotserver.aximo-gtp.local Address: 192.168.0.5 samba-server:/ # nslookup 192.168.0.5 192.168.0.2 Server: 192.168.0.2 Address:192.168.0.2#53 5.0.168.192.in-addr.arpaname = depotserver.aximo-gtp.local. Do I have a problem in my Samba4 environment? Thenk you for your help. Kind regards, Igi -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 - Manage DNS with MMC shows ghost Entries
Hi, We wanted to deploy Samba4 in our existing Samba3 Environment. So far everything (migrating the user data etc) went quite well, but after the initial domain-deployment we are seeing ghost entries or random data in our DNS MMC snap-in on our windows client. Every refresh triggers a new view. Basically it is the problem/bug outlined here: https://bugzilla.samba.org/show_bug.cgi?id=9791 As you can see from bugzilla, we tried a lot of different versions but the odd behavior still stays the same. So we had to stop the deployment and have yet to wait for some information regarding this issue. We'd really like to deploy Samba4, but we need to understand the outlined behavior first before we dare to use it in a running production environment. Does anyone else has encountered or seen this behavior as well? regards Mark B. Sander -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 - Manage DNS with MMC shows ghost Entries
Hi Mark, We wanted to deploy Samba4 in our existing Samba3 Environment. So far everything (migrating the user data etc) went quite well, but after the initial domain-deployment we are seeing ghost entries or random data in our DNS MMC snap-in on our windows client. Every refresh triggers a new view. Basically it is the problem/bug outlined here: https://bugzilla.samba.org/show_bug.cgi?id=9791 As you can see from bugzilla, we tried a lot of different versions but the odd behavior still stays the same. So we had to stop the deployment and have yet to wait for some information regarding this issue. We'd really like to deploy Samba4, but we need to understand the outlined behavior first before we dare to use it in a running production environment. Does anyone else has encountered or seen this behavior as well? There has been some people having the same weird issue (cf. thread http://article.gmane.org/gmane.network.samba.general/130443/). The thing is quite visually annoying, but it does not seem to have any consequences on the proper functionning of the dns server. I've had this issue both with internal DNS and bind, and with a few different versions of samba4. I haven't tried the fresh 4.0.6 though. When looking at entries through samba-tool or directly in ldap with apache directory studio, everything seems to be fine. It is probably some non ms handling of the dnsRecord attribute data that make the weird display. If you can bear with the strange display, this shouldn't be a show stopper. Cheers, Denis regards Mark B. Sander -- Denis Cardon Tranquil IT Systems Les Espaces Jules Verne, bâtiment A 12 avenue Jules Verne 44230 Saint Sébastien sur Loire tel : +33 (0) 2.40.97.57.55 http://www.tranquil-it-systems.fr -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba4 internal dns update
Hello Last week we changed our ip range, every computer was shutdown and everything is working, but we are still getting the old ip address on the dns, my version is samba 4.0.3 and i am using internal dns This is the actual smb.conf [global] workgroup = MYCOMPANY realm = MYCOMPANY.COM.CO netbios name = DOMINIO server role = active directory domain controller idmap_ldb:use rfc2307 = yes dns forwarder = 8.8.8.8 wins support = Yes log level = 1 allow dns updates = True Any suggestions? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 internal dns update
Hey Cristian: This sounds exactly like the issue I had, documented in: https://lists.samba.org/archive/samba/2013-April/172611.html When computers are first joined, it appears as though samba sets *static* DNS entries for them, even though their IPs are likely to change. I haven't yet had a chance to check the proposed fixes (either deleting/updating the entries via the Windows DNS console, or setting each client to update their DNS). The DNS settings is called Register this connection's addresses in DNS and looks like: http://imgur.com/B33UYhI Not sure if this is a bug -- seems odd, since many clients are DHCP assigned. - Nick On Wed, Apr 17, 2013 at 10:28 AM, Cristian Saavedra c...@asualcance.comwrote: Hello Last week we changed our ip range, every computer was shutdown and everything is working, but we are still getting the old ip address on the dns, my version is samba 4.0.3 and i am using internal dns This is the actual smb.conf [global] workgroup = MYCOMPANY realm = MYCOMPANY.COM.CO netbios name = DOMINIO server role = active directory domain controller idmap_ldb:use rfc2307 = yes dns forwarder = 8.8.8.8 wins support = Yes log level = 1 allow dns updates = True Any suggestions? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 internal dns update
Sounds like you are hitting this bug ... https://bugzilla.samba.org/show_bug.cgi?id=9216 There are instructions there on how to work around this issue. Ricky On Wed, Apr 17, 2013 at 11:03 AM, Nick Semenkovich seme...@alum.mit.eduwrote: Hey Cristian: This sounds exactly like the issue I had, documented in: https://lists.samba.org/archive/samba/2013-April/172611.html When computers are first joined, it appears as though samba sets *static* DNS entries for them, even though their IPs are likely to change. I haven't yet had a chance to check the proposed fixes (either deleting/updating the entries via the Windows DNS console, or setting each client to update their DNS). The DNS settings is called Register this connection's addresses in DNS and looks like: http://imgur.com/B33UYhI Not sure if this is a bug -- seems odd, since many clients are DHCP assigned. - Nick On Wed, Apr 17, 2013 at 10:28 AM, Cristian Saavedra c...@asualcance.com wrote: Hello Last week we changed our ip range, every computer was shutdown and everything is working, but we are still getting the old ip address on the dns, my version is samba 4.0.3 and i am using internal dns This is the actual smb.conf [global] workgroup = MYCOMPANY realm = MYCOMPANY.COM.CO netbios name = DOMINIO server role = active directory domain controller idmap_ldb:use rfc2307 = yes dns forwarder = 8.8.8.8 wins support = Yes log level = 1 allow dns updates = True Any suggestions? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba4 internal dns on reboot
Hi all, Im a bit new to linux I've setup samba 4.0.4 as a PDC using the samba internal dns on ubuntu 12.10 and all is working well. with exception of one issue On reboot I cant ping hostnames local to my dns on the PDC but I can reslolve them with the internal dns fine. I can also ping external hostnames from the PDC though. on the PDC it will just take a while to display host not found after pinging a hostname resolved by the DNS (I can ping whatever is in /etc/hosts fine) On the clients pointing to the DNS server they are able to ping the hostnames fine. The catcher is I can ping all internal dns hostnames after service networking restart on the Samba PDC. What could be stopping it from allowing it to ping hostnames it can resolve? Also for it to work I have to restart the whole service, not just a ifdown ifup Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 Internal DNS - CNAME not working
Hello, It seems Samba4 is having problems with CNAME records. I am seeing the same behavior as mentioned in the thread below. Is there any ETA on a fix for this? This is identical to the problem with MX records. This is currently a much bigger problem than the MX records. I appreciate any assistance. [root@DC1 var]# dig autodiscover.testdom.com CNAME ; DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.6 autodiscover.testdom.com CNAME ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 24296 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;autodiscover.testdom.com. IN CNAME ;; ANSWER SECTION: autodiscover.testdom.com. 900 IN CNAME autodiscover.foo.com. ;; Query time: 1 msec ;; SERVER: 192.168.100.3#53(192.168.100.3) ;; WHEN: Thu Jan 31 10:35:32 2013 ;; MSG SIZE rcvd: 77 [root@DC1 var]# ping autodiscover.testdom.com ping: unknown host autodiscover.testdom.com [root@DC1 var]# samba-tool dns query dc1 testdom.com autodiscover CNAME Password for [administra...@internal.testdom.com]: Name=, Records=1, Children=0 CNAME: autodiscover.foo.com. (flags=f0, serial=65, ttl=900) https://lists.samba.org/archive/samba/2012-May/167562.html -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 Internal DNS - CNAME not working
I think I understand what you are saying. I tried it, and it works, but it does not buy me anything in my specific case. It's a bit confusing, but I'll try to make sense of it :) As I mentioned, autodiscover.FOO.com http://autodiscover.foo.com is a third party domain that I do not have control over, and their IP changes often (the reason they tell us to use a CNAME). At the same time, the application requires a valid record for autodiscover.MYDOMAIN.comhttp://autodiscover.testdom.comthat points to their servers. I can add an A record for autodiscover.MYDOMAIN.com http://autodiscover.testdom.com that points directly to the current IP of autodiscover.FOO.comhttp://autodiscover.foo.comand all is well. Using the workaround you mention, I would create and A record autodiscover-tmp.MYDOMAIN.com http://autodiscover-tmp.testdom.comand point that the the current IP of autodiscover.FOO.com http://autodiscover.foo.com, then create a CNAME of autodiscover.MYDOMAIN.com http://autodiscover.testdom.com that aliases autodiscover-tmp.MYDOMAIN.com http://autodiscover-tmp.testdom.com. While this indeed works, once the IP of autodiscover.FOO.comhttp://autodiscover.foo.comchanges, I'll still have to update a local A record - autodiscover-tmp instead of autodiscover. Samba4 also has some problems with MX records, where they are reported by dig and samba-tool, but my mail server can't locate it, though I don't know if they are related. and I suspect these are related. I may have to see about moving DNS from internal to bind9_dlz, if that's even possible. Thank you for your help. On Thu, Jan 31, 2013 at 1:35 PM, Ricky Nance ricky.na...@weaubleau.k12.mo.us wrote: I think it'd be worth a shot. I could help you in a couple of hours. If you want to catch me on IRC that would be quite helpful. Ricky On Thu, Jan 31, 2013 at 12:27 PM, Thomas Simmons twsn...@gmail.comwrote: Thank you Ricky, though I don't think this will help in my case. Please let me know if you think otherwise. autodiscover.foo.com is a third party domain that I do not have control over. They have multiple A records which will change from time to time. We must create a CNAME for autodiscover.testdom.com which aliases to autodiscover.foo.com. We had an A record in place, so autodiscover.testdom.com would point directly to the current IP of autodiscover.foo.com. The IP of autodiscover.foo.com changed at some point, which caused some major issues. On Thu, Jan 31, 2013 at 1:10 PM, Ricky Nance ricky.na...@weaubleau.k12.mo.us wrote: Looks like you rediscovered my bug ;) .. https://bugzilla.samba.org/show_bug.cgi?id=9409 There is a work around there. Ricky On Thu, Jan 31, 2013 at 9:50 AM, Thomas Simmons twsn...@gmail.comwrote: Hello, It seems Samba4 is having problems with CNAME records. I am seeing the same behavior as mentioned in the thread below. Is there any ETA on a fix for this? This is identical to the problem with MX records. This is currently a much bigger problem than the MX records. I appreciate any assistance. [root@DC1 var]# dig autodiscover.testdom.com CNAME ; DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.6 autodiscover.testdom.com CNAME ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 24296 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;autodiscover.testdom.com. IN CNAME ;; ANSWER SECTION: autodiscover.testdom.com. 900 IN CNAME autodiscover.foo.com. ;; Query time: 1 msec ;; SERVER: 192.168.100.3#53(192.168.100.3) ;; WHEN: Thu Jan 31 10:35:32 2013 ;; MSG SIZE rcvd: 77 [root@DC1 var]# ping autodiscover.testdom.com ping: unknown host autodiscover.testdom.com [root@DC1 var]# samba-tool dns query dc1 testdom.com autodiscover CNAME Password for [administra...@internal.testdom.com]: Name=, Records=1, Children=0 CNAME: autodiscover.foo.com. (flags=f0, serial=65, ttl=900) https://lists.samba.org/archive/samba/2012-May/167562.html -- -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 Internal DNS - CNAME not working
On 2013-01-31 16:50, Thomas Simmons wrote: Hi Thomas, It seems Samba4 is having problems with CNAME records. I am seeing the same behavior as mentioned in the thread below. Is there any ETA on a fix for this? This is identical to the problem with MX records. This is currently a much bigger problem than the MX records. I appreciate any assistance. Is your CNAME pointing at a CNAME outside of the DNS server's control? If so, you're likely running into https://bugzilla.samba.org/show_bug.cgi?id=9409 Don't have an ETA for a fix, I'm afraid. Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ signature.asc Description: OpenPGP digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4: internal DNS orphaned dnsNode objects with no dnsRecord
I was having some problems with certain entries in my internal DNS server refusing to be updated via nsupdate. The updates would always be rejected. After investigating further I noticed that this seemed to correspond with dnsNode entries in the sam.ldb that didn't actually contain a dnsRecord attribute. i.e., the records found by this search: $ sudo ldbsearch -H /var/lib/samba/private/sam.ldb '((objectClass=dnsNode)(!(dnsRecord=*)))' Are there any risks associated with doing an ldbmodify to delete all of these entries? How might they have come about? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 internal DNS not responding to DNS requests - SOLVED
The problem was definitely SELinux and/or firewall (iptables). Thank you for the help. On Wed, Jan 9, 2013 at 8:38 PM, Andrew Bartlett abart...@samba.org wrote: On Wed, 2013-01-09 at 09:47 -0500, fe...@epepm.cupet.cu wrote: I am not able to get the Samba4 internal DNS server to respond to DNS requests on the network. I am running Samba4 4.1.0pre1-GIT-c1fb37d on my CentOS 6.3 system. I followed the instructions here: https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO I configured Samba4 to use the internal DNS server. My Samba4 server is 192.168.0.13. Its full hostname is ubuntu-ad.allenlan.net. The realm is ALLENLAN.NET. The DNS testing section of the document passes: $host -t SRV _ldap._tcp.allenlan.net. _ldap._tcp.allenlan.net has SRV record 0 100 389 ubuntu-ad.allenlan.net. $host -t SRV _kerberos._udp.allenlan.net. _kerberos._udp.allenlan.net has SRV record 0 100 88 ubuntu-ad.allenlan.net. $host -t A ubuntu-ad.allenlan.net. ubuntu-ad.allenlan.net has address 192.168.0.13 I configured my Windows XP system with a DNS of 192.168.0.13 (Samba4 server). When I perform the Windows command nslookup ubuntu-ad.allenlan.net (or any variation of that) it reports: DNS request timed out. timeout was 2 seconds. *** Can't find server name for address 192.168.0.13: Timed out (above 3 messages repeat again) Default servers are not available Server: UnKnown Address: 192.168.0.13 The Windows system can ping the Samba4 server by IP address. Any help would be appreciated! More configuration information below. /etc/resolv.conf: domain allenlan.net nameserver 192.168.0.13 /usr/local/samba/etc/smb.conf: [global] workgroup = ALLENLAN realm = ALLENLAN.NET netbios name = UBUNTU-AD server role = active directory domain controller dns forwarder = 192.168.0.1 interfaces = 192.168.0.13 127.0.0.1 bind interfaces only = yes log level = 3 server services = smb, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate, dns /etc/hosts: 192.168.0.13ubuntu-ad ubuntu-ad.allenlan.net 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 $hostname ubuntu-ad.allenlan.net That was the reason I switched to bind9. The internal dns server used to keep connections open, without closing old ones, until reaching the limit of max files... I don't know wether it's been already fixed or not. But it doesn't happen with bind. This topic is been in the list before. Yes, we fixed that (with a timeout). Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- *Lee Allen* email: l...@leecallen.com bus: (716) 773-2729 home: (716) 773-2326 cell: (716) 880-0854 fax: (716) 408-8844 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 internal DNS not responding to DNS requests
I am not able to get the Samba4 internal DNS server to respond to DNS requests on the network. I am running Samba4 4.1.0pre1-GIT-c1fb37d on my CentOS 6.3 system. I followed the instructions here: https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO I configured Samba4 to use the internal DNS server. My Samba4 server is 192.168.0.13. Its full hostname is ubuntu-ad.allenlan.net. The realm is ALLENLAN.NET. The DNS testing section of the document passes: $host -t SRV _ldap._tcp.allenlan.net. _ldap._tcp.allenlan.net has SRV record 0 100 389 ubuntu-ad.allenlan.net. $host -t SRV _kerberos._udp.allenlan.net. _kerberos._udp.allenlan.net has SRV record 0 100 88 ubuntu-ad.allenlan.net. $host -t A ubuntu-ad.allenlan.net. ubuntu-ad.allenlan.net has address 192.168.0.13 I configured my Windows XP system with a DNS of 192.168.0.13 (Samba4 server). When I perform the Windows command nslookup ubuntu-ad.allenlan.net (or any variation of that) it reports: DNS request timed out. timeout was 2 seconds. *** Can't find server name for address 192.168.0.13: Timed out (above 3 messages repeat again) Default servers are not available Server: UnKnown Address: 192.168.0.13 The Windows system can ping the Samba4 server by IP address. Any help would be appreciated! More configuration information below. /etc/resolv.conf: domain allenlan.net nameserver 192.168.0.13 /usr/local/samba/etc/smb.conf: [global] workgroup = ALLENLAN realm = ALLENLAN.NET netbios name = UBUNTU-AD server role = active directory domain controller dns forwarder = 192.168.0.1 interfaces = 192.168.0.13 127.0.0.1 bind interfaces only = yes log level = 3 server services = smb, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate, dns /etc/hosts: 192.168.0.13ubuntu-ad ubuntu-ad.allenlan.net 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 $hostname ubuntu-ad.allenlan.net Thank you. Lee Allen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 internal DNS not responding to DNS requests
I am not able to get the Samba4 internal DNS server to respond to DNS requests on the network. I am running Samba4 4.1.0pre1-GIT-c1fb37d on my CentOS 6.3 system. I followed the instructions here: https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO I configured Samba4 to use the internal DNS server. My Samba4 server is 192.168.0.13. Its full hostname is ubuntu-ad.allenlan.net. The realm is ALLENLAN.NET. The DNS testing section of the document passes: $host -t SRV _ldap._tcp.allenlan.net. _ldap._tcp.allenlan.net has SRV record 0 100 389 ubuntu-ad.allenlan.net. $host -t SRV _kerberos._udp.allenlan.net. _kerberos._udp.allenlan.net has SRV record 0 100 88 ubuntu-ad.allenlan.net. $host -t A ubuntu-ad.allenlan.net. ubuntu-ad.allenlan.net has address 192.168.0.13 I configured my Windows XP system with a DNS of 192.168.0.13 (Samba4 server). When I perform the Windows command nslookup ubuntu-ad.allenlan.net (or any variation of that) it reports: DNS request timed out. timeout was 2 seconds. *** Can't find server name for address 192.168.0.13: Timed out (above 3 messages repeat again) Default servers are not available Server: UnKnown Address: 192.168.0.13 The Windows system can ping the Samba4 server by IP address. Any help would be appreciated! More configuration information below. /etc/resolv.conf: domain allenlan.net nameserver 192.168.0.13 /usr/local/samba/etc/smb.conf: [global] workgroup = ALLENLAN realm = ALLENLAN.NET netbios name = UBUNTU-AD server role = active directory domain controller dns forwarder = 192.168.0.1 interfaces = 192.168.0.13 127.0.0.1 bind interfaces only = yes log level = 3 server services = smb, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate, dns /etc/hosts: 192.168.0.13ubuntu-ad ubuntu-ad.allenlan.net 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 $hostname ubuntu-ad.allenlan.net That was the reason I switched to bind9. The internal dns server used to keep connections open, without closing old ones, until reaching the limit of max files... I don't know wether it's been already fixed or not. But it doesn't happen with bind. This topic is been in the list before. Felix. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 internal DNS not responding to DNS requests
On 09/01/13 14:32, Lee Allen wrote: I am not able to get the Samba4 internal DNS server to respond to DNS requests on the network. I am running Samba4 4.1.0pre1-GIT-c1fb37d on my CentOS 6.3 system. I followed the instructions here: https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO I configured Samba4 to use the internal DNS server. My Samba4 server is 192.168.0.13. Its full hostname is ubuntu-ad.allenlan.net. The realm is ALLENLAN.NET. The DNS testing section of the document passes: $host -t SRV _ldap._tcp.allenlan.net. _ldap._tcp.allenlan.net has SRV record 0 100 389 ubuntu-ad.allenlan.net. $host -t SRV _kerberos._udp.allenlan.net. _kerberos._udp.allenlan.net has SRV record 0 100 88 ubuntu-ad.allenlan.net. $host -t A ubuntu-ad.allenlan.net. ubuntu-ad.allenlan.net has address 192.168.0.13 I configured my Windows XP system with a DNS of 192.168.0.13 (Samba4 server). When I perform the Windows command nslookup ubuntu-ad.allenlan.net (or any variation of that) it reports: DNS request timed out. timeout was 2 seconds. *** Can't find server name for address 192.168.0.13: Timed out (above 3 messages repeat again) Default servers are not available Server: UnKnown Address: 192.168.0.13 The Windows system can ping the Samba4 server by IP address. Any help would be appreciated! More configuration information below. /etc/resolv.conf: domain allenlan.net nameserver 192.168.0.13 /usr/local/samba/etc/smb.conf: [global] workgroup = ALLENLAN realm = ALLENLAN.NET netbios name = UBUNTU-AD server role = active directory domain controller dns forwarder = 192.168.0.1 interfaces = 192.168.0.13 127.0.0.1 bind interfaces only = yes log level = 3 server services = smb, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate, dns /etc/hosts: 192.168.0.13ubuntu-ad ubuntu-ad.allenlan.net 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 $hostname ubuntu-ad.allenlan.net Thank you. Lee Allen Hi, What does 'netstat -npl | grep 53 | grep LISTEN' return? Rowland -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 internal DNS not responding to DNS requests
I meant to include that in my original description. Samba is definitely listening for the DNS requests. Here it is: $ netstat -npl | grep 53 | grep LISTEN tcp0 0 127.0.0.1:530.0.0.0:* LISTEN 15799/samba tcp0 0 192.168.0.13:53 0.0.0.0:* LISTEN 15799/samba Lee On Wed, Jan 9, 2013 at 10:05 AM, Rowland Penny rpe...@f2s.com wrote: On 09/01/13 14:32, Lee Allen wrote: I am not able to get the Samba4 internal DNS server to respond to DNS requests on the network. I am running Samba4 4.1.0pre1-GIT-c1fb37d on my CentOS 6.3 system. I followed the instructions here: https://wiki.samba.org/index.**php/Samba_AD_DC_HOWTOhttps://wiki.samba.org/index.php/Samba_AD_DC_HOWTO I configured Samba4 to use the internal DNS server. My Samba4 server is 192.168.0.13. Its full hostname is ubuntu-ad.allenlan.net. The realm is ALLENLAN.NET. The DNS testing section of the document passes: $host -t SRV _ldap._tcp.allenlan.net. _ldap._tcp.allenlan.net has SRV record 0 100 389 ubuntu-ad.allenlan.net. $host -t SRV _kerberos._udp.allenlan.net. _kerberos._udp.allenlan.net has SRV record 0 100 88 ubuntu-ad.allenlan.net. $host -t A ubuntu-ad.allenlan.net. ubuntu-ad.allenlan.net has address 192.168.0.13 I configured my Windows XP system with a DNS of 192.168.0.13 (Samba4 server). When I perform the Windows command nslookup ubuntu-ad.allenlan.net (or any variation of that) it reports: DNS request timed out. timeout was 2 seconds. *** Can't find server name for address 192.168.0.13: Timed out (above 3 messages repeat again) Default servers are not available Server: UnKnown Address: 192.168.0.13 The Windows system can ping the Samba4 server by IP address. Any help would be appreciated! More configuration information below. /etc/resolv.conf: domain allenlan.net nameserver 192.168.0.13 /usr/local/samba/etc/smb.conf: [global] workgroup = ALLENLAN realm = ALLENLAN.NET netbios name = UBUNTU-AD server role = active directory domain controller dns forwarder = 192.168.0.1 interfaces = 192.168.0.13 127.0.0.1 bind interfaces only = yes log level = 3 server services = smb, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate, dns /etc/hosts: 192.168.0.13ubuntu-ad ubuntu-ad.allenlan.net 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 $hostname ubuntu-ad.allenlan.net Thank you. Lee Allen Hi, What does 'netstat -npl | grep 53 | grep LISTEN' return? Rowland -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/**mailman/options/sambahttps://lists.samba.org/mailman/options/samba -- *Lee Allen* email: l...@leecallen.com bus: (716) 773-2729 home: (716) 773-2326 cell: (716) 880-0854 fax: (716) 408-8844 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 internal DNS not responding to DNS requests
On 09/01/13 15:20, Lee Allen wrote: I meant to include that in my original description. Samba is definitely listening for the DNS requests. Here it is: $ netstat -npl | grep 53 | grep LISTEN tcp0 0 127.0.0.1:530.0.0.0:* LISTEN 15799/samba tcp0 0 192.168.0.13:53 0.0.0.0:* LISTEN 15799/samba Lee On Wed, Jan 9, 2013 at 10:05 AM, Rowland Penny rpe...@f2s.com wrote: On 09/01/13 14:32, Lee Allen wrote: I am not able to get the Samba4 internal DNS server to respond to DNS requests on the network. I am running Samba4 4.1.0pre1-GIT-c1fb37d on my CentOS 6.3 system. I followed the instructions here: https://wiki.samba.org/index.**php/Samba_AD_DC_HOWTOhttps://wiki.samba.org/index.php/Samba_AD_DC_HOWTO I configured Samba4 to use the internal DNS server. My Samba4 server is 192.168.0.13. Its full hostname is ubuntu-ad.allenlan.net. The realm is ALLENLAN.NET. The DNS testing section of the document passes: $host -t SRV _ldap._tcp.allenlan.net. _ldap._tcp.allenlan.net has SRV record 0 100 389 ubuntu-ad.allenlan.net. $host -t SRV _kerberos._udp.allenlan.net. _kerberos._udp.allenlan.net has SRV record 0 100 88 ubuntu-ad.allenlan.net. $host -t A ubuntu-ad.allenlan.net. ubuntu-ad.allenlan.net has address 192.168.0.13 I configured my Windows XP system with a DNS of 192.168.0.13 (Samba4 server). When I perform the Windows command nslookup ubuntu-ad.allenlan.net (or any variation of that) it reports: DNS request timed out. timeout was 2 seconds. *** Can't find server name for address 192.168.0.13: Timed out (above 3 messages repeat again) Default servers are not available Server: UnKnown Address: 192.168.0.13 The Windows system can ping the Samba4 server by IP address. Any help would be appreciated! More configuration information below. /etc/resolv.conf: domain allenlan.net nameserver 192.168.0.13 /usr/local/samba/etc/smb.conf: [global] workgroup = ALLENLAN realm = ALLENLAN.NET netbios name = UBUNTU-AD server role = active directory domain controller dns forwarder = 192.168.0.1 interfaces = 192.168.0.13 127.0.0.1 bind interfaces only = yes log level = 3 server services = smb, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate, dns /etc/hosts: 192.168.0.13ubuntu-ad ubuntu-ad.allenlan.net 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 $hostname ubuntu-ad.allenlan.net Thank you. Lee Allen Hi, What does 'netstat -npl | grep 53 | grep LISTEN' return? Rowland -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/**mailman/options/sambahttps://lists.samba.org/mailman/options/samba Hi, I thought that there may have been a possibility that dnsmasq was running, the only other thoughts I have are: How did you provision? Is the firewall blocking port 53? And that good old favourite, Selinux! Rowland -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 internal DNS not responding to DNS requests
I was sure I had disabled firewall and SElinux on this box. But I can't establish a netcat connection to the server so something is up. Thank you! On 09/01/13 15:20, Lee Allen wrote: I meant to include that in my original description. Samba is definitely listening for the DNS requests. Here it is: $ netstat -npl | grep 53 | grep LISTEN tcp0 0 127.0.0.1:530.0.0.0:* LISTEN 15799/samba tcp0 0 192.168.0.13:53 0.0.0.0:* LISTEN 15799/samba Lee On Wed, Jan 9, 2013 at 10:05 AM, Rowland Penny rpe...@f2s.com wrote: On 09/01/13 14:32, Lee Allen wrote: I am not able to get the Samba4 internal DNS server to respond to DNS requests on the network. I am running Samba4 4.1.0pre1-GIT-c1fb37d on my CentOS 6.3 system. I followed the instructions here: https://wiki.samba.org/index.php/Samba_AD_DC_HOWTOhttps://wiki.samba.org/index.**php/Samba_AD_DC_HOWTO https:/**/wiki.samba.org/index.php/**Samba_AD_DC_HOWTOhttps://wiki.samba.org/index.php/Samba_AD_DC_HOWTO I configured Samba4 to use the internal DNS server. My Samba4 server is 192.168.0.13. Its full hostname is ubuntu-ad.allenlan.net. The realm is ALLENLAN.NET. The DNS testing section of the document passes: $host -t SRV _ldap._tcp.allenlan.net. _ldap._tcp.allenlan.net has SRV record 0 100 389 ubuntu-ad.allenlan.net. $host -t SRV _kerberos._udp.allenlan.net. _kerberos._udp.allenlan.net has SRV record 0 100 88 ubuntu-ad.allenlan.net. $host -t A ubuntu-ad.allenlan.net. ubuntu-ad.allenlan.net has address 192.168.0.13 I configured my Windows XP system with a DNS of 192.168.0.13 (Samba4 server). When I perform the Windows command nslookup ubuntu-ad.allenlan.net (or any variation of that) it reports: DNS request timed out. timeout was 2 seconds. *** Can't find server name for address 192.168.0.13: Timed out (above 3 messages repeat again) Default servers are not available Server: UnKnown Address: 192.168.0.13 The Windows system can ping the Samba4 server by IP address. Any help would be appreciated! More configuration information below. /etc/resolv.conf: domain allenlan.net nameserver 192.168.0.13 /usr/local/samba/etc/smb.conf: [global] workgroup = ALLENLAN realm = ALLENLAN.NET netbios name = UBUNTU-AD server role = active directory domain controller dns forwarder = 192.168.0.1 interfaces = 192.168.0.13 127.0.0.1 bind interfaces only = yes log level = 3 server services = smb, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate, dns /etc/hosts: 192.168.0.13ubuntu-ad ubuntu-ad.allenlan.net 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 $hostname ubuntu-ad.allenlan.net Thank you. Lee Allen Hi, What does 'netstat -npl | grep 53 | grep LISTEN' return? Rowland -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/sambahttps://lists.samba.org/**mailman/options/samba https://**lists.samba.org/mailman/**options/sambahttps://lists.samba.org/mailman/options/samba Hi, I thought that there may have been a possibility that dnsmasq was running, the only other thoughts I have are: How did you provision? Is the firewall blocking port 53? And that good old favourite, Selinux! Rowland -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/**mailman/options/sambahttps://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 internal DNS not responding to DNS requests
On Wed, 2013-01-09 at 09:47 -0500, fe...@epepm.cupet.cu wrote: I am not able to get the Samba4 internal DNS server to respond to DNS requests on the network. I am running Samba4 4.1.0pre1-GIT-c1fb37d on my CentOS 6.3 system. I followed the instructions here: https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO I configured Samba4 to use the internal DNS server. My Samba4 server is 192.168.0.13. Its full hostname is ubuntu-ad.allenlan.net. The realm is ALLENLAN.NET. The DNS testing section of the document passes: $host -t SRV _ldap._tcp.allenlan.net. _ldap._tcp.allenlan.net has SRV record 0 100 389 ubuntu-ad.allenlan.net. $host -t SRV _kerberos._udp.allenlan.net. _kerberos._udp.allenlan.net has SRV record 0 100 88 ubuntu-ad.allenlan.net. $host -t A ubuntu-ad.allenlan.net. ubuntu-ad.allenlan.net has address 192.168.0.13 I configured my Windows XP system with a DNS of 192.168.0.13 (Samba4 server). When I perform the Windows command nslookup ubuntu-ad.allenlan.net (or any variation of that) it reports: DNS request timed out. timeout was 2 seconds. *** Can't find server name for address 192.168.0.13: Timed out (above 3 messages repeat again) Default servers are not available Server: UnKnown Address: 192.168.0.13 The Windows system can ping the Samba4 server by IP address. Any help would be appreciated! More configuration information below. /etc/resolv.conf: domain allenlan.net nameserver 192.168.0.13 /usr/local/samba/etc/smb.conf: [global] workgroup = ALLENLAN realm = ALLENLAN.NET netbios name = UBUNTU-AD server role = active directory domain controller dns forwarder = 192.168.0.1 interfaces = 192.168.0.13 127.0.0.1 bind interfaces only = yes log level = 3 server services = smb, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate, dns /etc/hosts: 192.168.0.13ubuntu-ad ubuntu-ad.allenlan.net 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 $hostname ubuntu-ad.allenlan.net That was the reason I switched to bind9. The internal dns server used to keep connections open, without closing old ones, until reaching the limit of max files... I don't know wether it's been already fixed or not. But it doesn't happen with bind. This topic is been in the list before. Yes, we fixed that (with a timeout). Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 Internal DNS CNAME entries
I am currently in the progress of testing the replacement of a Windows 2003 DC with a Samba4-based one. In the DNS of old Windows DC we had CNAME entries to alias www.domain.com to serverX.domain.com and ftp.domain.com to serverY.domain.com. This is working and can be tested successfully with dig The CNAME entries were correctly replicated across to the internal DNS server on the new Samba4 DC after it joined the domain, but querying that server for www.domain.com through dig returns no results. However, samba-tool dns query localhost does correctly show the CNAME entry as present. Does the internal DNS server of samba4 not yet support CNAME lookups? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 Internal DNS CNAME entries
On 4 January 2013 15:14, Dominic Evans oldma...@gmail.com wrote: Does the internal DNS server of samba4 not yet support CNAME lookups? Another interesting thing I noted is that dns recursion also doesn't appear to be working for this lookup. i.e., $ dig @127.0.0.1 www.google.com +norecurse \ returns no results $ dig @127.0.0.1 www.google.com \ correctly returns a result (seemingly showing that the dns forwarder configured in smb.conf is working) However, $ dig @127.0.0.1 www.domain.com \ returns no results and displays the warning ;; WARNING: recursion requested but not available -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 Internal DNS CNAME entries
On 2013-01-04 15:14, Dominic Evans wrote: I am currently in the progress of testing the replacement of a Windows 2003 DC with a Samba4-based one. In the DNS of old Windows DC we had CNAME entries to alias www.domain.com to serverX.domain.com and ftp.domain.com to serverY.domain.com. This is working and can be tested successfully with dig Is domain.com the zone managed by the internal DNS server? There's a known bug about CNAMEs pointing to A records outside the database, see https://bugzilla.samba.org/show_bug.cgi?id=9409 The CNAME entries were correctly replicated across to the internal DNS server on the new Samba4 DC after it joined the domain, but querying that server for www.domain.com through dig returns no results. However, samba-tool dns query localhost does correctly show the CNAME entry as present. Does the internal DNS server of samba4 not yet support CNAME lookups? It does, with the exception of CNAMEs that point to outside A/ records. We also never set the recursion bit on error returns, which is what causes the warning in dig. Feel free to ignore that. Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 and dns + dhcp on windows.
From: L.P.H. van Belle be...@bazuin.nl Date: Thu, 6 Dec 2012 09:24:52 +0100 Just quick question. I have a windows server for my dhcp and primary dns. ( and its own domain saay domain A ) Can i install samba4 with domain B but let the windows servers do the DNS and DHCP these are and will stay separate domains for now. You can do this, but on existing DNS server, you can manually configure DNS settings to set statically all required DNS records, or to create DNS zones required for domain B and to allow dynamically update from machines domain B. In addition to these you have to manually configure DNS/DHCP server for your machines belonging to B domain to receive B as its domain name. --- TAKAHASHI Motonobu mo...@monyo.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba4 and dns + dhcp on windows.
Hai, Just quick question. I have a windows server for my dhcp and primary dns. ( and its own domain saay domain A ) Can i install samba4 with domain B but let the windows servers do the DNS and DHCP these are and will stay separate domains for now. Or do i have to install samba 4 in to the windows domain and transfer the FSMO roles to the samba server and use these dns of windows. Whats is the best to do. 1 point, i cant change dns + dhcp, these must be on the windows servers. ( yes i know, it sucks ) Louis -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 AD DNS zone corrupted
On 11/29/2012 03:26 AM, Stephen Jones wrote: If you want to delete the TXT record my suggestion would be to use nsupdate. This tool is part of BIND. My advice would be to avoid samba-tool, or at least the dns part of it. When I tried to use it I just got errors. I think it's still rather experimental. But nsupdate works. Thanks for the hint. It raised my hopes for a few seconds, but it doesn't work, as the record I want to remove seems really really broken. As suggested, I ran this command (while being kerberos-authenticated): # nsupdate -g update delete _kerberos.mitxp.com TXT send This is what bind logs when issuing the command: Nov 29 23:23:36 vmsrvr1 named[1701]: samba_dlz: starting transaction on zone mydomain.local Nov 29 23:23:36 vmsrvr1 named[1701]: samba_dlz: allowing update of signer=administrator\@MYDOMAIN.LOCAL name=_kerberos.mydomain.local tcpaddr=192.168.122.1 type=TXT key=3710301881.sig-sambapdc.mydomain.local/160/0 Nov 29 23:23:36 vmsrvr1 named[1701]: client 192.168.122.1#53087: updating zone 'mydomain.local/NONE': deleting rrset at '_kerberos.mydomain.local' TXT Nov 29 23:23:36 vmsrvr1 named[1701]: samba_dlz: failed to parse dnsRecord for DC=_kerberos,DC=mydomain.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=mydomain,DC=local Nov 29 23:23:36 vmsrvr1 named[1701]: samba_dlz: committed transaction on zone mydomain.local As you can see, it has problems deleting the DNS record because it cannot parse it. Extremely annoying. Even though the last log message says committed transaction on zone, the DNS record is still there and is still causing problems with the complete zone. But I found the solution! I just wanted to write it down in case someone else has the same problem: You need to delete the record directly from the LDB-File. This is how it's done: ldbdel -H /var/lib/samba/private/dns/sam.ldb DC=_kerberos,DC=mydomain.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=mydomain,DC=local After that, I restarted samba, just to be on the safe side. And after that, my DNS zone was OK. Thanks to everyone who helped me debugging this. PS: Just in case a samba developer is interested in the LDB record, here's the result presented by ldbsearch before I deleted it: # ldbsearch -H /var/lib/samba/private/dns/sam.ldb -b DC=_kerberos,DC=mydomain.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=mydomain,DC=local (objectclass=dnsNode) --show-binary # record 1 dn: DC=_kerberos,DC=mydomain.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=mydomain,DC=local objectClass: top objectClass: dnsNode instanceType: 4 whenCreated: 20121119125920.0Z whenChanged: 20121119125920.0Z uSNCreated: 4082 uSNChanged: 4082 showInAdvancedViewOnly: TRUE name: _kerberos objectGUID: 0bbee647-94ac-4a9c-8c2a-90deca29cdfe ndr_pull_error(11): Pull bytes 15 (../librpc/ndr/ndr_basic.c:420) dnsRecord: Unable to decode binary data objectCategory: CN=Dns-Node,CN=Schema,CN=Configuration,DC=mydomain,DC=local dc: _kerberos distinguishedName: DC=_kerberos,DC=mydomain.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=mydomain,DC=local Note: the 15 pull bytes are probably MYDOMAIN.LOCAL + a terminating character. At least that was what I assume because I created the TXT record with MYDOMAIN.LOCAL as content. -- Best regards, -Johannes. -- Best regards, -Johannes. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 AD DNS zone corrupted
On 11/27/2012 08:32 PM, Matthieu Patou wrote: On 11/27/2012 02:56 PM, Johannes Schmid wrote: # samba-tool dns query sambapdc.mydomain.local mydomain.local @ ALL ERROR(runtime): uncaught exception - (1383, 'WERR_INTERNAL_DB_ERROR') File /usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py, line 162, in _run return self.run(*args, **kwargs) File /usr/lib/python2.7/dist-packages/samba/netcmd/dns.py, line 925, in run Can you restart samba ? Also can you rerun this command with -d 10 and post the log on the list ? Restarting samba did not help (I already tried that multiple times). But thanks for the hint. I should have tried that myself! Anyway, I found what the problem is. Basically the problem cannot be seen in the samba-tool dns query debug output, but it can be seen on the samba *server* debug output. It look like the problem is an invalid record in the DNS zone: [2012/11/29 00:30:46, 2] ../source4/rpc_server/dnsserver/dnsdb.c:136(dnsserver_db_enumerate_zones) dnsserver: Found DNS zone . [2012/11/29 00:30:46, 2] ../source4/rpc_server/dnsserver/dnsdb.c:136(dnsserver_db_enumerate_zones) dnsserver: Found DNS zone mydomain.local [2012/11/29 00:30:46, 2] ../source4/rpc_server/dnsserver/dnsdb.c:136(dnsserver_db_enumerate_zones) dnsserver: Found DNS zone 122.168.192.in-addr.arpa [2012/11/29 00:30:46, 2] ../source4/rpc_server/dnsserver/dnsdb.c:136(dnsserver_db_enumerate_zones) dnsserver: Found DNS zone _msdcs.mydomain.local [2012/11/29 00:30:46, 1] ../librpc/ndr/ndr.c:411(ndr_pull_error) ndr_pull_error(11): Pull bytes 10 (../librpc/ndr/ndr_basic.c:420) [2012/11/29 00:30:46, 0] ../source4/rpc_server/dnsserver/dnsdata.c:782(dns_fill_records_array) dnsserver: Unable to parse dns record (DC=_kerberos,DC=mydomain.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=mydomain,DC=local)Terminating connection - 'NT_STATUS_CONNECTION_DISCONNECTED' [2012/11/29 00:30:46, 5] ../source4/lib/messaging/messaging.c:554(imessaging_cleanup) imessaging: cleaning up /var/lib/samba/private/smbd.tmp/msg/msg.0:0.43 [2012/11/29 00:30:46, 3] ../source4/smbd/process_single.c:104(single_terminate) single_terminate: reason[NT_STATUS_CONNECTION_DISCONNECTED] I now remember that I added the _kerberos.mydomain.local TXT record in the Windows DNS administration MSC GUI. I now know that it is not necessary at all and that it shouldn't be there :) But I get an error when trying to delete the record: # samba-tool dns delete sambapdc.mydomain.local mydomain.local _kerberos TXT MYDOMAIN.LOCAL ERROR: Deleting record of type TXT is not supported Looks like samba isn't ready for handling TXT records in DNS :-( Unfortunately, I somehow got my TXT record into the zone and I have no idea how to remove it again. Again, any help is really appreciated! - PS: For completeness, here is the requested output: # samba-tool dns query sambapdc.mydomain.local mydomain.local @ ALL -d 10 INFO: Current debug levels: all: 10 tdb: 10 printdrivers: 10 lanman: 10 smb: 10 rpc_parse: 10 rpc_srv: 10 rpc_cli: 10 passdb: 10 sam: 10 auth: 10 winbind: 10 vfs: 10 idmap: 10 quota: 10 acls: 10 locking: 10 msdfs: 10 dmapi: 10 registry: 10 lpcfg_load: refreshing parameters from /etc/samba/smb.conf params.c:pm_process() - Processing configuration file /etc/samba/smb.conf Processing section [global] Processing section [netlogon] Processing section [sysvol] pm_process() returned Yes GENSEC backend 'gssapi_spnego' registered GENSEC backend 'gssapi_krb5' registered GENSEC backend 'gssapi_krb5_sasl' registered GENSEC backend 'schannel' registered GENSEC backend 'spnego' registered GENSEC backend 'ntlmssp' registered GENSEC backend 'krb5' registered GENSEC backend 'fake_gssapi_krb5' registered Using binding ncacn_ip_tcp:sambapdc.mydomain.local[,sign] Mapped to DCERPC endpoint 135 added interface br0 ip=fe80::ea40:f2ff:fe3e:4e04%br0 bcast=fe80:::::%br0 netmask=::::: added interface vnet0 ip=fe80::fc54:ff:fe13:2bb1%vnet0 bcast=fe80:::::%vnet0 netmask=::::: added interface br0 ip=192.168.35.30 bcast=192.168.35.255 netmask=255.255.255.0 added interface br0 ip=fe80::ea40:f2ff:fe3e:4e04%br0 bcast=fe80:::::%br0 netmask=::::: added interface vnet0 ip=fe80::fc54:ff:fe13:2bb1%vnet0 bcast=fe80:::::%vnet0 netmask=::::: added interface br0 ip=192.168.35.30 bcast=192.168.35.255 netmask=255.255.255.0 rpc request data: [] 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [0010] 00 00 00 00 02 00 00 00 4B 00 00 00 4B 00 00 00 K...K... [0020] 05 00 13 00 0D A4 C2 AB 50 4D 57 B3 40 9D 66 EE PMW.@.f. [0030] 4F D5 FB A0 76 05 00 02 00 00 00 13 00 0D 04 5D O...v... ...] [0040] 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 02 00 ..+.H`.. [0050] 02 00 00 00 01 00 0B 02 00 00 00 01 00 07 02 00
Re: [Samba] samba4 AD DNS zone corrupted
Hi, If you want to delete the TXT record my suggestion would be to use nsupdate. This tool is part of BIND. My advice would be to avoid samba-tool, or at least the dns part of it. When I tried to use it I just got errors. I think it's still rather experimental. But nsupdate works. One catch. DNS update requests to AD must be kerberos authenticated. This means you need the krb5 tool kinit. I use CentOS, and this is part of the krb5-workstation package. I don't know what you are using so I can't advise there. Run kinit and authenticate as the domain administrator: # kinit Administrator Response: Password for Administrator at MYDOMAIN.LOCAL: mypassword Then launch nsupdate: # nsupdate -g To delete the TXT record: update delete mydomain.local TXT send If you still have problems you could use nsupdate to update all the main zone entry records for the AD domain. To update a record just enter it again with the new values. Therefore: update add mydomain.local 3600 SOA server.mydomain.local hostmaster.mydomain.local serial-no 900 600 86400 3600 update add mydomain.local 3600 NS server.mydomain.local update add mydomain.local 3600 A 192.168.0.1 update add server.mydomain.local 3600 A 192.168.0.1 send These are the records created by Samba when provisioning the domain. Obviously adjust values to suit your hostname and IP address and increment the serial. You can use dig to report everything you currently have: # dig -t ANY mydomain.local For the record, I have a TXT record in my AD domain and it doesn't cause a problem. I can't recall whether I added it with nsupdate or the Windows DNS Manager, but I think it was the latter. Good luck. Regards, Stephen Jones Lloyd Systems Engineering On Thu, Nov 29, 2012, at 10:59 AM, Johannes Schmid wrote: On 11/27/2012 08:32 PM, Matthieu Patou wrote: On 11/27/2012 02:56 PM, Johannes Schmid wrote: # samba-tool dns query sambapdc.mydomain.local mydomain.local @ ALL ERROR(runtime): uncaught exception - (1383, 'WERR_INTERNAL_DB_ERROR') File /usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py, line 162, in _run return self.run(*args, **kwargs) File /usr/lib/python2.7/dist-packages/samba/netcmd/dns.py, line 925, in run Can you restart samba ? Also can you rerun this command with -d 10 and post the log on the list ? Restarting samba did not help (I already tried that multiple times). But thanks for the hint. I should have tried that myself! Anyway, I found what the problem is. Basically the problem cannot be seen in the samba-tool dns query debug output, but it can be seen on the samba *server* debug output. It look like the problem is an invalid record in the DNS zone: [2012/11/29 00:30:46, 2] ../source4/rpc_server/dnsserver/dnsdb.c:136(dnsserver_db_enumerate_zones) dnsserver: Found DNS zone . [2012/11/29 00:30:46, 2] ../source4/rpc_server/dnsserver/dnsdb.c:136(dnsserver_db_enumerate_zones) dnsserver: Found DNS zone mydomain.local [2012/11/29 00:30:46, 2] ../source4/rpc_server/dnsserver/dnsdb.c:136(dnsserver_db_enumerate_zones) dnsserver: Found DNS zone 122.168.192.in-addr.arpa [2012/11/29 00:30:46, 2] ../source4/rpc_server/dnsserver/dnsdb.c:136(dnsserver_db_enumerate_zones) dnsserver: Found DNS zone _msdcs.mydomain.local [2012/11/29 00:30:46, 1] ../librpc/ndr/ndr.c:411(ndr_pull_error) ndr_pull_error(11): Pull bytes 10 (../librpc/ndr/ndr_basic.c:420) [2012/11/29 00:30:46, 0] ../source4/rpc_server/dnsserver/dnsdata.c:782(dns_fill_records_array) dnsserver: Unable to parse dns record (DC=_kerberos,DC=mydomain.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=mydomain,DC=local)Terminating connection - 'NT_STATUS_CONNECTION_DISCONNECTED' [2012/11/29 00:30:46, 5] ../source4/lib/messaging/messaging.c:554(imessaging_cleanup) imessaging: cleaning up /var/lib/samba/private/smbd.tmp/msg/msg.0:0.43 [2012/11/29 00:30:46, 3] ../source4/smbd/process_single.c:104(single_terminate) single_terminate: reason[NT_STATUS_CONNECTION_DISCONNECTED] I now remember that I added the _kerberos.mydomain.local TXT record in the Windows DNS administration MSC GUI. I now know that it is not necessary at all and that it shouldn't be there :) But I get an error when trying to delete the record: # samba-tool dns delete sambapdc.mydomain.local mydomain.local _kerberos TXT MYDOMAIN.LOCAL ERROR: Deleting record of type TXT is not supported Looks like samba isn't ready for handling TXT records in DNS :-( Unfortunately, I somehow got my TXT record into the zone and I have no idea how to remove it again. Again, any help is really appreciated! - PS: For completeness, here is the requested output: # samba-tool dns query sambapdc.mydomain.local mydomain.local @ ALL -d 10 INFO: Current debug levels: all: 10 tdb: 10 printdrivers: 10 lanman: 10 smb: 10 rpc_parse: 10 rpc_srv: 10 rpc_cli: 10
[Samba] samba4 AD DNS zone corrupted
Hello everyone, somehow I broke my DNS zone managed by samba4. Unfortunately, I'm out of ideas and you are my last hope! When I want to open it in Windows DNS administration MSC, I get the following error when selecting the zone: Zone Not Loaded by DNS Server. When running regular DNS queries on that zone, everything works fine. # host -t A mydomain.local mydomain.local has address 192.168.122.1 # host -t NS mydomain.local mydomain.local name server sambapdc.mydomain.local. # host -t SOA mydomain.local mydomain.local has SOA record sambapdc.mydomain.local. hostmaster.mydomain.local. 94 900 600 86400 0 # host -t A sambapdc.mydomain.local sambapdc.mydomain.local has address 192.168.122.1 However, when querying it with samba-tool, the problems start: # samba-tool dns query sambapdc.mydomain.local mydomain.local @ ALL ERROR(runtime): uncaught exception - (1383, 'WERR_INTERNAL_DB_ERROR') File /usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py, line 162, in _run return self.run(*args, **kwargs) File /usr/lib/python2.7/dist-packages/samba/netcmd/dns.py, line 925, in run Note: querying the _msdcs.mydomain.local works fine using # samba-tool dns query sambapdc.mydomain.local _msdcs.mydomain.local @ ALL so does # samba-tool dns query sambapdc.mydomain.local mydomain.local sambapdc ALL ldbsearch also has no problems when accessing the @ records, at least they show up without problems when running # ldbsearch -H /var/lib/samba/private/dns/sam.ldb -b DC=DomainDnsZones,DC=mydomain,DC=local (objectclass=dnsNode) --show-binary Is there anything I could try to get my DNS zone back? Is there a way to dump the sam.ldb to a text file and re-build it somehow? Thanks for your support! PS: Here is the output for some additional samba-tool calls, maybe this helps... - # samba-tool dns serverinfo sambapdc.mydomain.local dwVersion : 0xece0205 fBootMethod : DNS_BOOT_METHOD_DIRECTORY fAdminConfigured: FALSE fAllowUpdate: TRUE fDsAvailable: TRUE pszServerName : sambapdc.mydomain.local pszDsContainer : CN=MicrosoftDNS,DC=DomainDnsZones,DC=mydomain,DC=local aipServerAddrs : ['255.255.255.255 (53)', '255.255.255.255 (53)', '255.255.255.255 (53)', '255.255.255.255 (53)', '255.255.255.255 (53)', '255.255.255.255 (53)'] aipListenAddrs : ['255.255.255.255 (53)', '255.255.255.255 (53)', '255.255.255.255 (53)', '255.255.255.255 (53)', '255.255.255.255 (53)', '255.255.255.255 (53)'] aipForwarders : [] dwLogLevel : 0 dwDebugLevel: 0 dwForwardTimeout: 3 dwRpcPrototol : 0x5 dwNameCheckFlag : DNS_ALLOW_MULTIBYTE_NAMES cAddressAnswerLimit : 0 dwRecursionRetry: 3 dwRecursionTimeout : 8 dwMaxCacheTtl : 86400 dwDsPollingInterval : 180 dwScavengingInterval: 0 dwDefaultRefreshInterval: 168 dwDefaultNoRefreshInterval : 168 fAutoReverseZones : FALSE fAutoCacheUpdate: FALSE fRecurseAfterForwarding : FALSE fForwardDelegations : TRUE fNoRecursion: FALSE fSecureResponses: FALSE fRoundRobin : TRUE fLocalNetPriority : FALSE fBindSecondaries: FALSE fWriteAuthorityNs : FALSE fStrictFileParsing : FALSE fLooseWildcarding : FALSE fDefaultAgingState : FALSE dwRpcStructureVersion : 0x2 aipLogFilter: [] pwszLogFilePath : None pszDomainName : mydomain.local pszForestName : mydomain.local pszDomainDirectoryPartition : DC=DomainDnsZones,DC=mydomain,DC=local pszForestDirectoryPartition : DC=ForestDnsZones,DC=mydomain,DC=local dwLocalNetPriorityNetMask : 0xff dwLastScavengeTime : 0 dwEventLogLevel : 4 dwLogFileMaxSize: 0 dwDsForestVersion : 2 dwDsDomainVersion : 2 dwDsDsaVersion : 4 fReadOnlyDC : FALSE # samba-tool dns zoneinfo sambapdc.mydomain.local mydomain.local pszZoneName : mydomain.local dwZoneType : DNS_ZONE_TYPE_PRIMARY fReverse: FALSE fAllowUpdate: DNS_ZONE_UPDATE_SECURE fPaused : FALSE fShutdown : FALSE fAutoCreated: FALSE fUseDatabase: TRUE pszDataFile : None aipMasters : [] fSecureSecondaries : DNS_ZONE_SECSECURE_NO_XFER fNotifyLevel: DNS_ZONE_NOTIFY_LIST_ONLY aipSecondaries : [] aipNotify : [] fUseWins: FALSE fUseNbstat : FALSE fAging
Re: [Samba] samba4 AD DNS zone corrupted
On 11/27/2012 02:56 PM, Johannes Schmid wrote: However, when querying it with samba-tool, the problems start: # samba-tool dns query sambapdc.mydomain.local mydomain.local @ ALL ERROR(runtime): uncaught exception - (1383, 'WERR_INTERNAL_DB_ERROR') File /usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py, line 162, in _run return self.run(*args, **kwargs) File /usr/lib/python2.7/dist-packages/samba/netcmd/dns.py, line 925, in run Can you restart samba ? Also can you rerun this command with -d 10 and post the log on the list ? Matthieu. -- Matthieu Patou Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba4 + bind dns update
Hi list ! I have a server with Samba4 (Beta4) in a FreeBSD 9 with bind9, but I'm having problems with the update named, I can not make it work. Here, output command samba_dnsupdate --verbose: http://tinypaste.com/b125ca6c Here, debug from named: http://tinypaste.com/fffbea46 Bind: ad# named -V BIND 9.9.1-P1 built with '--localstatedir=/var' '--disable-linux-caps' '--disable-symtable' '--with-randomdev=/dev/random' '--with-gssapi=/usr/include/gssapi' '--with-dlopen=yes' '--with-openssl=/usr' '--with-libxml2=/usr/local' '--without-idn' '--enable-threads' '--sysconfdir=/etc/namedb' '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info/' '--build=x86_64-portbld-freebsd9.0' 'build_alias=x86_64-portbld-freebsd9.0' 'CC=cc' 'CFLAGS=-O2 -pipe -fno-strict-aliasing' 'LDFLAGS= -rpath=/usr/lib:/usr/local/lib' 'CPPFLAGS=' 'CPP=cpp' 'CXX=c++' 'CXXFLAGS=-O2 -pipe -fno-strict-aliasing' using OpenSSL version: OpenSSL 0.9.8q 2 Dec 2010 using libxml2 version: 2.7.8 Can someone help me with this? have looked at all over the place! Thanks -- Luiz Gustavo Costa (Powered by BSD) *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+ mundoUnix - Consultoria em Software Livre http://www.mundounix.com.br ICQ: 2890831 / MSN: cont...@mundounix.com.br Tel: 55 (21) 4063-7110 / 8194-1905 / (11) 4063-0407 Blog: http://www.luizgustavo.pro.br -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 internal DNS problems with smb.conf
Hi Provision: /usr/local/samba/sbin/provision --realm=hh3.site --domain=MARINA --adminpass=123@Abc --server-role=dc --dns-backend=SAMBA_INTERNAL I set smb.conf according to the wiki at: https://wiki.samba.org/index.php/DNS smb.conf [global] server role = domain controller workgroup = MARINA realm = hh3.site netbios name = HH3 passdb backend = samba4 server services = smb, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate, dns allow dns updates = True dns forwarder = 192.168.1.1 dns recursive queries = yes but: testparm Load smb config files from /usr/local/samba/etc/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Unknown parameter encountered: server services Ignoring unknown parameter server services Unknown parameter encountered: allow dns updates Ignoring unknown parameter allow dns updates Unknown parameter encountered: dns forwarder Ignoring unknown parameter dns forwarder Unknown parameter encountered: dns recursive queries Ignoring unknown parameter dns recursive queries What have I done wrong? Thanks, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 internal DNS problems with smb.conf
On 2012-04-04 08:15, steve wrote: Hi, Provision: /usr/local/samba/sbin/provision --realm=hh3.site --domain=MARINA --adminpass=123@Abc --server-role=dc --dns-backend=SAMBA_INTERNAL I set smb.conf according to the wiki at: https://wiki.samba.org/index.php/DNS smb.conf [global] server role = domain controller workgroup = MARINA realm = hh3.site netbios name = HH3 passdb backend = samba4 server services = smb, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate, dns allow dns updates = True dns forwarder = 192.168.1.1 dns recursive queries = yes but: testparm Load smb config files from /usr/local/samba/etc/smb.conf rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) Unknown parameter encountered: server services Ignoring unknown parameter server services Unknown parameter encountered: allow dns updates Ignoring unknown parameter allow dns updates Unknown parameter encountered: dns forwarder Ignoring unknown parameter dns forwarder Unknown parameter encountered: dns recursive queries Ignoring unknown parameter dns recursive queries What have I done wrong? Uh, testparm is the samba3 tool. You'll want to run samba-tool testparm until our configuration parsers are merged. HTH, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ signature.asc Description: OpenPGP digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 internal dns server cannot find ldap
Interfaces= 192.168.1.3 --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: steve [mailto:st...@steve-ss.com] Gesendet: Freitag, 17. Februar 2012 08:46 An: muel...@tropenklinik.de Cc: samba@lists.samba.org Betreff: Re: AW: [Samba] Samba4 internal dns server cannot find ldap On 02/17/2012 08:05 AM, Daniel Müller wrote: [global] server role = domain controller workgroup = CACTUS realm = hh3.site netbios name = HH3 passdb backend = samba4 template shell = /bin/bash interfaces= xxx.yyy.zzz # I think this is missing, in my case I need to set this for the internal dns to work. --- EDV Daniel Müller ./provision --realm= hh3.site --domain=CACTUS --adminpass=Abc@1234 --server-role='domain controller' --dns-backend=SAMBA_INTERNAL Hi Daniel What's the syntax of the xxx.yyy.zzz? my fqdn is hh3.hh3.site with IP 192.168.1.3 I'm on Ubuntu with bind9.9.0 beta at the moment. It's a test setup but to save fiddling around, can we keep what we already have? I thought of: tar /private /somewhere mv samba.conf smb.conf.steve provision --dns-backind=SAMBA_INTERNAL cp smb.conf.steve back to smb.conf add your interfaces=??? to it and hope for the best. Or are we talking about a clean install from nothing? Thanks, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 internal dns server cannot find ldap
On 02/14/2012 07:56 AM, Kai Blin wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2012-02-12 10:23, steve wrote: Hi Steve, ../source4/dsdb/dns/dns_update.c:294: Failed DNS update - NT_STATUS_IO_TIMEOUT dns child failed to find name '_ldap._tcp.HH3.SITE' of type SRV finddcs: Failed to find SRV record for _ldap._tcp.HH3.SITE Is there anything I need to configure in the internal server? That's the client component throwing the error message. What's your resolv.conf setup, and what's your smb.conf and provision settings? Cheers, Kai - - Hi Kai, fqdn hh3.hh3.site IP 192.168.1.3 cat /etc/resolv.conf search hh3.site dragonet.es nameserver 192.168.1.3 nameserver 192.168.1.1 dragonet.es=my ISP 192.168.1.1= our router. Points to the external DNS of the ISP cat /usr/local/samba/etc/smb.conf # Global parameters [global] server role = domain controller workgroup = CACTUS realm = hh3.site netbios name = HH3 passdb backend = samba4 template shell = /bin/bash [netlogon] path = /usr/local/samba/var/locks/sysvol/hh3.site/scripts read only = No [sysvol] path = /usr/local/samba/var/locks/sysvol read only = No [home] path = /home/CACTUS read only = No [profiles] path = /home/CACTUS/profiles read only = No [dropbox] path=home/CACTUS/dropbox read only = No ./provision --realm= hh3.site --domain=CACTUS --adminpass=Abc@1234 --server-role='domain controller' --dns-backend=SAMBA_INTERNAL Is there a way of specifying a forwarder with your internal server? Cheers, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 internal dns server cannot find ldap
[global] server role = domain controller workgroup = CACTUS realm = hh3.site netbios name = HH3 passdb backend = samba4 template shell = /bin/bash interfaces= xxx.yyy.zzz # I think this is missing, in my case I need to set this for the internal dns to work. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von steve Gesendet: Donnerstag, 16. Februar 2012 19:11 An: samba@lists.samba.org Betreff: Re: [Samba] Samba4 internal dns server cannot find ldap On 02/14/2012 07:56 AM, Kai Blin wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2012-02-12 10:23, steve wrote: Hi Steve, ../source4/dsdb/dns/dns_update.c:294: Failed DNS update - NT_STATUS_IO_TIMEOUT dns child failed to find name '_ldap._tcp.HH3.SITE' of type SRV finddcs: Failed to find SRV record for _ldap._tcp.HH3.SITE Is there anything I need to configure in the internal server? That's the client component throwing the error message. What's your resolv.conf setup, and what's your smb.conf and provision settings? Cheers, Kai - - Hi Kai, fqdn hh3.hh3.site IP 192.168.1.3 cat /etc/resolv.conf search hh3.site dragonet.es nameserver 192.168.1.3 nameserver 192.168.1.1 dragonet.es=my ISP 192.168.1.1= our router. Points to the external DNS of the ISP cat /usr/local/samba/etc/smb.conf # Global parameters [global] server role = domain controller workgroup = CACTUS realm = hh3.site netbios name = HH3 passdb backend = samba4 template shell = /bin/bash [netlogon] path = /usr/local/samba/var/locks/sysvol/hh3.site/scripts read only = No [sysvol] path = /usr/local/samba/var/locks/sysvol read only = No [home] path = /home/CACTUS read only = No [profiles] path = /home/CACTUS/profiles read only = No [dropbox] path=home/CACTUS/dropbox read only = No ./provision --realm= hh3.site --domain=CACTUS --adminpass=Abc@1234 --server-role='domain controller' --dns-backend=SAMBA_INTERNAL Is there a way of specifying a forwarder with your internal server? Cheers, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 internal dns server cannot find ldap
On 02/17/2012 08:05 AM, Daniel Müller wrote: [global] server role = domain controller workgroup = CACTUS realm = hh3.site netbios name = HH3 passdb backend = samba4 template shell = /bin/bash interfaces= xxx.yyy.zzz # I think this is missing, in my case I need to set this for the internal dns to work. --- EDV Daniel Müller ./provision --realm= hh3.site --domain=CACTUS --adminpass=Abc@1234 --server-role='domain controller' --dns-backend=SAMBA_INTERNAL Hi Daniel What's the syntax of the xxx.yyy.zzz? my fqdn is hh3.hh3.site with IP 192.168.1.3 I'm on Ubuntu with bind9.9.0 beta at the moment. It's a test setup but to save fiddling around, can we keep what we already have? I thought of: tar /private /somewhere mv samba.conf smb.conf.steve provision --dns-backind=SAMBA_INTERNAL cp smb.conf.steve back to smb.conf add your interfaces=??? to it and hope for the best. Or are we talking about a clean install from nothing? Thanks, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 internal dns server cannot find ldap
Set, interfaces=your.realip.add cldap need this to work. Do not use localhost. In my case it did the trick. Good Luck Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Kai Blin Gesendet: Dienstag, 14. Februar 2012 07:57 An: samba@lists.samba.org Betreff: Re: [Samba] Samba4 internal dns server cannot find ldap -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2012-02-12 10:23, steve wrote: Hi Steve, ../source4/dsdb/dns/dns_update.c:294: Failed DNS update - NT_STATUS_IO_TIMEOUT dns child failed to find name '_ldap._tcp.HH3.SITE' of type SRV finddcs: Failed to find SRV record for _ldap._tcp.HH3.SITE Is there anything I need to configure in the internal server? That's the client component throwing the error message. What's your resolv.conf setup, and what's your smb.conf and provision settings? Cheers, Kai - -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk86BasACgkQEKXX/bF2FpR6BACeJy/cTlmrIuWOMKbmaEFP/A90 xqUAn1KNLR0fWy2Hq61W6LQTB9qxeA18 =DN0p -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 internal dns server cannot find ldap
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2012-02-12 10:23, steve wrote: Hi Steve, ../source4/dsdb/dns/dns_update.c:294: Failed DNS update - NT_STATUS_IO_TIMEOUT dns child failed to find name '_ldap._tcp.HH3.SITE' of type SRV finddcs: Failed to find SRV record for _ldap._tcp.HH3.SITE Is there anything I need to configure in the internal server? That's the client component throwing the error message. What's your resolv.conf setup, and what's your smb.conf and provision settings? Cheers, Kai - -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk86BasACgkQEKXX/bF2FpR6BACeJy/cTlmrIuWOMKbmaEFP/A90 xqUAn1KNLR0fWy2Hq61W6LQTB9qxeA18 =DN0p -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 internal dns server cannot find ldap
Version 4.0.0alpha18-GIT-567f05e Ubuntu 11.10 ../source4/dsdb/dns/dns_update.c:294: Failed DNS update - NT_STATUS_IO_TIMEOUT dns child failed to find name '_ldap._tcp.HH3.SITE' of type SRV finddcs: Failed to find SRV record for _ldap._tcp.HH3.SITE Is there anything I need to configure in the internal server? Thanks, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 phyton-dns error
On Thu, 2010-07-22 at 12:35 +0200, Michael Wood wrote: On 22 July 2010 10:49, Daniel Müller muel...@tropenklinik.de wrote: I compiled Samba 4.0.0alpha12 successful on my centos 5.5 box. [...] Traceback (most recent call last): File /usr/sbin/samba_dnsupdate, line 40, in ? samba.ensure_external_module(dns, dnspython) File /usr/local/samba/lib/python2.4/site-packages/samba/__init__.py, line 321, in ensure_external_module sys.modules[modulename] = __import__( TypeError: __import__() takes no keyword arguments [...] I see you are using Python 2.4. It seems that samba_dnsupdate needs Python 2.5: http://docs.python.org/library/functions.html#__import__ [...] Changed in version 2.5: Keyword support for parameters was added. Perhaps the Samba4 HOWTO should be updated to state this requirement. We should just avoid using keyword arguments there... Cheers, Jelmer signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba4 phyton-dns error
Dear all, I compiled Samba 4.0.0alpha12 successful on my centos 5.5 box. Kerberos and DNS working as wanted. There is only a ugly error in dnsupdate. Samba_dnsupdate gives this error: Traceback (most recent call last): File /usr/sbin/samba_dnsupdate, line 40, in ? samba.ensure_external_module(dns, dnspython) File /usr/local/samba/lib/python2.4/site-packages/samba/__init__.py, line 321, in ensure_external_module sys.modules[modulename] = __import__( TypeError: __import__() takes no keyword arguments Starting samba I M single: samba version 4.0.0alpha12-GIT-UNKNOWN started. Copyright Andrew Tridgell and the Samba Team 1992-2010 samba: using 'single' process model FIXME: Using new system session for hdb /usr/local/samba/sbin/samba_dnsupdate: Traceback (most recent call last): /usr/local/samba/sbin/samba_dnsupdate: File /usr/local/samba/sbin/samba_dnsupdate, line 40, in ? /usr/local/samba/sbin/samba_dnsupdate: samba.ensure_external_module(dns, dnspython) /usr/local/samba/sbin/samba_dnsupdate: File /usr/local/samba/lib/python2.4/site-packages/samba/__init__.py, line 321, in ensure_external_module /usr/local/samba/sbin/samba_dnsupdate: sys.modules[modulename] = __import__( /usr/local/samba/sbin/samba_dnsupdate: TypeError: __import__() takes no keyword arguments ../dsdb/dns/dns_update.c:249: Failed DNS update - NT_STATUS_ACCESS_DENIED Testing kcctpl_create_intersite_connections Of course I installed following rpm: python-pydns-2.3.4-1.noarch.rpm What link do I miss. Greetings Daniel EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 phyton-dns error
On Thu, 2010-07-22 at 10:49 +0200, Daniel Müller wrote: Dear all, I compiled Samba 4.0.0alpha12 successful on my centos 5.5 box. Kerberos and DNS working as wanted. There is only a ugly error in dnsupdate. Samba_dnsupdate gives this error: Traceback (most recent call last): File /usr/sbin/samba_dnsupdate, line 40, in ? samba.ensure_external_module(dns, dnspython) File /usr/local/samba/lib/python2.4/site-packages/samba/__init__.py, line 321, in ensure_external_module sys.modules[modulename] = __import__( TypeError: __import__() takes no keyword arguments Starting samba I M single: samba version 4.0.0alpha12-GIT-UNKNOWN started. Copyright Andrew Tridgell and the Samba Team 1992-2010 samba: using 'single' process model FIXME: Using new system session for hdb /usr/local/samba/sbin/samba_dnsupdate: Traceback (most recent call last): /usr/local/samba/sbin/samba_dnsupdate: File /usr/local/samba/sbin/samba_dnsupdate, line 40, in ? /usr/local/samba/sbin/samba_dnsupdate: samba.ensure_external_module(dns, dnspython) /usr/local/samba/sbin/samba_dnsupdate: File /usr/local/samba/lib/python2.4/site-packages/samba/__init__.py, line 321, in ensure_external_module /usr/local/samba/sbin/samba_dnsupdate: sys.modules[modulename] = __import__( /usr/local/samba/sbin/samba_dnsupdate: TypeError: __import__() takes no keyword arguments ../dsdb/dns/dns_update.c:249: Failed DNS update - NT_STATUS_ACCESS_DENIED Testing kcctpl_create_intersite_connections Of course I installed following rpm: python-pydns-2.3.4-1.noarch.rpm What link do I miss. Greetings Daniel EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de Daniel I have python-dns-1.7.1-1.el5 installed from EPEL, not python-pydns. Regards Mike -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 phyton-dns error
On 22 July 2010 10:49, Daniel Müller muel...@tropenklinik.de wrote: Dear all, I compiled Samba 4.0.0alpha12 successful on my centos 5.5 box. [...] Traceback (most recent call last): File /usr/sbin/samba_dnsupdate, line 40, in ? samba.ensure_external_module(dns, dnspython) File /usr/local/samba/lib/python2.4/site-packages/samba/__init__.py, line 321, in ensure_external_module sys.modules[modulename] = __import__( TypeError: __import__() takes no keyword arguments [...] I see you are using Python 2.4. It seems that samba_dnsupdate needs Python 2.5: http://docs.python.org/library/functions.html#__import__ [...] Changed in version 2.5: Keyword support for parameters was added. Perhaps the Samba4 HOWTO should be updated to state this requirement. -- Michael Wood esiot...@gmail.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 phyton-dns error
I installed this package, python-dns-1.7.1-1.el5. Restarted Samba4 now the error: samba version 4.0.0alpha12-GIT-UNKNOWN started. Copyright Andrew Tridgell and the Samba Team 1992-2010 samba: using 'single' process model FIXME: Using new system session for hdb /usr/local/samba/sbin/samba_dnsupdate: dns_tkey_buildgssquery failed: ran out of space /usr/local/samba/sbin/samba_dnsupdate: dns_tkey_buildgssquery failed: ran out of space /usr/local/samba/sbin/samba_dnsupdate: dns_tkey_buildgssquery failed: ran out of space /usr/local/samba/sbin/samba_dnsupdate: dns_tkey_buildgssquery failed: ran out of space --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: Mike Brady [mailto:mike.br...@devnull.net.nz] Gesendet: Donnerstag, 22. Juli 2010 11:53 An: muel...@tropenklinik.de Cc: samba@lists.samba.org Betreff: Re: [Samba] samba4 phyton-dns error On Thu, 2010-07-22 at 10:49 +0200, Daniel Müller wrote: Dear all, I compiled Samba 4.0.0alpha12 successful on my centos 5.5 box. Kerberos and DNS working as wanted. There is only a ugly error in dnsupdate. Samba_dnsupdate gives this error: Traceback (most recent call last): File /usr/sbin/samba_dnsupdate, line 40, in ? samba.ensure_external_module(dns, dnspython) File /usr/local/samba/lib/python2.4/site-packages/samba/__init__.py, line 321, in ensure_external_module sys.modules[modulename] = __import__( TypeError: __import__() takes no keyword arguments Starting samba –I –M single: samba version 4.0.0alpha12-GIT-UNKNOWN started. Copyright Andrew Tridgell and the Samba Team 1992-2010 samba: using 'single' process model FIXME: Using new system session for hdb /usr/local/samba/sbin/samba_dnsupdate: Traceback (most recent call last): /usr/local/samba/sbin/samba_dnsupdate: File /usr/local/samba/sbin/samba_dnsupdate, line 40, in ? /usr/local/samba/sbin/samba_dnsupdate: samba.ensure_external_module(dns, dnspython) /usr/local/samba/sbin/samba_dnsupdate: File /usr/local/samba/lib/python2.4/site-packages/samba/__init__.py, line 321, in ensure_external_module /usr/local/samba/sbin/samba_dnsupdate: sys.modules[modulename] = __import__( /usr/local/samba/sbin/samba_dnsupdate: TypeError: __import__() takes no keyword arguments ../dsdb/dns/dns_update.c:249: Failed DNS update - NT_STATUS_ACCESS_DENIED Testing kcctpl_create_intersite_connections Of course I installed following rpm: python-pydns-2.3.4-1.noarch.rpm What link do I miss. Greetings Daniel EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de Daniel I have python-dns-1.7.1-1.el5 installed from EPEL, not python-pydns. Regards Mike -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 and DNS
Hey Everyone, I've been reading through the Samba4 docs, but I am a bit confused, so please forgive me if I have missed anything obvious. I am trying to setup Samba4 as a Domain Controller for our department. We do not control our DNS; that is done through campus IT. All of our workstations (soon to be members of the domain) already have entries in campus DNS. If I were to submit the contents of the /usr/local/samba/private/dns/ folder (generated by Samba4's provision step) to Campus IT, would that work? Would I be missing out on anything by not running my own DNS server? I've read about the dynamic changes made to DNS by Samba4, but I don't know if I need that if my clients already would have entries in DNS. Thank you for your time; I appreciate it. ---Alex -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 and DNS
--- Original message --- Subject: [Samba] Samba4 and DNS From: Alex Waite awa...@mcw.edu To: samba@lists.samba.org samba@lists.samba.org Date: Monday, 12/07/2010 4:56 AM Hey Everyone, I've been reading through the Samba4 docs, but I am a bit confused, so please forgive me if I have missed anything obvious. I am trying to setup Samba4 as a Domain Controller for our department. We do not control our DNS; that is done through campus IT. All of our workstations (soon to be members of the domain) already have entries in campus DNS. If I were to submit the contents of the /usr/local/samba/private/dns/ folder (generated by Samba4's provision step) to Campus IT, would that work? Would I be missing out on anything by not running my own DNS server? I've read about the dynamic changes made to DNS by Samba4, but I don't know if I need that if my clients already would have entries in DNS. Talk to DNS admins. Ask them if you can run a master DNS for your domain, and then use campus DNS as a the forwarder. Thank you for your time; I appreciate it. ---Alex -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba