Web lists-archives.com

Re: [Samba] samba Digest, Vol 172, Issue 2

Hello Rowland

I removed the parameter "forward only;" and changed the setting like below.

But the same problem.

 update failed: rejected by secure update (REFUSED)

Am 02.04.2017 um 17:04 schrieb Rowland Penny:
On Sun, 2 Apr 2017 16:36:09 +0200
Karl Heinz Wichmann via samba <samba@xxxxxxxxxxxxxxx> wrote:

Hello Rowland

Can this be a Problem with my debian 8.7 bind service?

No, definitely not

Try making your named.conf.options look like this:

options {
        directory "/var/cache/bind";
        version "0.0.7";
        notify no;
        empty-zones-enable no;
        allow-query {;; };
        allow-recursion {;; };
        forwarders {; };
        allow-transfer { none; };
        dnssec-validation no;
        dnssec-enable no;

        listen-on-v6 { none; };
        listen-on port 53 {;; };
        tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";

There is one really big problem in your version (there are others as

'forward only;' With this, you Bind server doesn't even try to search
AD for your domain computers, it forwards the search to what ever <IP
of my forwarder> is.


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba