Re: [Samba] Switching from Internal DNS to Bind9_DLZ
- Date: Tue, 2 Jan 2018 19:23:17 +0000
- From: Rowland Penny via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] Switching from Internal DNS to Bind9_DLZ
On Tue, 2 Jan 2018 14:15:11 -0500
lingpanda101 <lingpanda101@xxxxxxxxx> wrote:
> On 1/2/2018 1:51 PM, Rowland Penny wrote:
> > On Tue, 2 Jan 2018 13:38:52 -0500
> > lingpanda101 via samba <samba@xxxxxxxxxxxxxxx> wrote:
> >> A few other observations while attempting to switch.
> >> * I do not have a dns.keytab file. Should I or is created after
> >> attempting to switch?
> > See my earlier post about samba_dnsupgrade.
> >> * running 'named-checkconf' throws an error.
> > It would, it cannot find the zones files that are now in AD.
> > Rowland
> I think I'm on the home stretch :). However I am running into a
> issue after switching the backend. The switch command completes
> successfully. Bind starts but I get errors when attempting to run
> this command after reboot.
> samba_dnsupdate --verbose --all-names
> I get this error for all updates.
> TSIG error with server: tsig indicates error
> update failed: NOTAUTH(BADSIG)
> Failed nsupdate: 2
> update(nsupdate): A gc._msdcs.domain.local 172.16.22.27
> Calling nsupdate for A gc._msdcs.domain.local 172.16.22.27 (add)
> Successfully obtained Kerberos ticket to DNS/DDC1.domain.local as
> DDC2$ Outgoing update query:
> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
> ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
> ;; UPDATE SECTION:
> gc._msdcs.domain.local. 900 IN A 172.16.22.27
> I can connect to the server via. Windows DNS Manager and browse.
Try adding '--use-samba-tool' to the 'samba_dnsupdate' command
To unsubscribe from this list go to the following URL and read the