Web lists-archives.com

Re: [Samba] gpupdate use wrong url

On Wed, 8 Feb 2017 11:20:13 +0100
basti via samba <samba@xxxxxxxxxxxxxxx> wrote:

> I have done the bind config like Rowland's post.
> The problem is still the same.
> windows:
> nslookup foo -> nxdomain
> nslookup foo. -> ip of DC
> in linux both is return an ip
> Whats about the file named.conf.update in samba/private?
> I have try to include in named.conf or in
> dlz "AD DNS Zone"{
> ...
> include ../named.conf.update
> }
> without success.
> My bind log errors like
> named[27869]: samba_dlz: starting transaction on zone foo
> named[27869]: client update 'foo/IN' denied
> named[27869]: samba_dlz: cancelling transaction on zone foo

Apart from the files I posted, my bind setup is the same as yours,
except I also run a dhcp server on the DC.

I have just tried 'nslookup' on a windows 7 machine, a Samba DC and a
Linux domain member, they all return the same results.

This line:

named[27869]: client update 'foo/IN' denied

Shows that your clients are being denied permission to update their own
records. You need to investigate this, or add 'allow dns updates =
nonsecure' to the smb.conf on the Samba AD DC

I think your 'nslookup' problems are being caused by having your dns
domain set to 'foo', which is also the same as your workgroup name


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba