Is your dns server set to secure updates only? On Tue, Mar 13, 2018, 5:40 AM Roger Martensson <[email protected]> wrote:
> After som serious digging I caved in and upgraded dnsutils on my Ubuntu. > Seems that the future Ubuntu 18.04 has a non-working install of nsupdate. > When upgrading to version 9.12 nsupdate (using ISC PPA) everything started > to work. > > 2018-03-09 19:24 GMT+01:00 Roger Martensson <[email protected]>: > >> Hi! >> >> Setup: Ubuntu 18.04 (future), SSSD 1.16.0, nsupdate/bind: 9.11.2.P1, >> 2008R2 DC/DNS >> >> I need some help and guidance with troubleshooting nsupdate-problems. >> I get the famous "TSIG error with server: tsig verify failure" when >> trying to update my A-record against our Microsoft DNS. >> I get the error in sssd-logs and the same error when running nsupdate >> manually with the same input as found in the logs (when cranking up debug >> level). >> >> I have tried with client keytab and with a user that I know have >> permission to update. (nsupdate with -g) >> >> SSSD is fully configured and I can do user lookups and logins. ldapsearch >> agains different domains in the forest with -Y GSSAPI works without problem. >> >> Our setup is a domain forest where the clients are in the subdomain and >> the DNS is in the parent domain. Parent DNS domain and subdomains is in the >> same Zone and has Secure Only updates enabled. >> >> Anyone have any ideas what I can do next to troubleshoot this issue? >> >> >> >> > _______________________________________________ > sssd-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
