Web lists-archives.com

Re: [Samba] gpupdate use wrong url




On Wed, 8 Feb 2017 11:20:13 +0100
basti via samba <samba@xxxxxxxxxxxxxxx> wrote:

> I have done the bind config like Rowland's post.
> The problem is still the same.
> 
> windows:
> nslookup foo -> nxdomain
> nslookup foo. -> ip of DC
> 
> in linux both is return an ip
> 
> Whats about the file named.conf.update in samba/private?
> 
> I have try to include in named.conf or in
> 
> dlz "AD DNS Zone"{
> ...
> include ../named.conf.update
> }
> without success.
> 
> My bind log errors like
> named[27869]: samba_dlz: starting transaction on zone foo
> named[27869]: client 192.168.122.84#59657: update 'foo/IN' denied
> named[27869]: samba_dlz: cancelling transaction on zone foo
> 
> 
> 
> 
> 

Apart from the files I posted, my bind setup is the same as yours,
except I also run a dhcp server on the DC.

I have just tried 'nslookup' on a windows 7 machine, a Samba DC and a
Linux domain member, they all return the same results.

This line:

named[27869]: client 192.168.122.84#59657: update 'foo/IN' denied

Shows that your clients are being denied permission to update their own
records. You need to investigate this, or add 'allow dns updates =
nonsecure' to the smb.conf on the Samba AD DC

I think your 'nslookup' problems are being caused by having your dns
domain set to 'foo', which is also the same as your workgroup name
'foo'.

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba