Web lists-archives.com

Re: [Samba] Samba AD DC + external DHCP + BIND9_DLZ dynamic dns updates doesn't work for domain members.




On Tue, 16 Oct 2018 19:37:21 +0200
"Zuzanna K. Filutowska via samba" <samba@xxxxxxxxxxxxxxx> wrote:

> W dniu wto, 16.10.2018 o godzinie 18∶25 +0100, użytkownik Rowland
> Penny via samba napisał:
> > On Tue, 16 Oct 2018 18:47:30 +0200
> > "Zuzanna K. Filutowska via samba" <samba@xxxxxxxxxxxxxxx> wrote:
> > 
> > > Dear All,
> > > 
> > > I have a setup with samba acting as active directory domain
> > > controller, DNS updates are done via bind DLZ. I have recompiled
> > > it to allow spnego. DHCP server is external, no changes in it are
> > > possible. Domain members try to register in the DNS, KDC is aware
> > > of them, however no DNS entries for them are created and BIND
> > > returns errors. Any hints are welcome since I really need it
> > > working. Thank you in advance.
> > > 
> > > samba log:
> > >   samba version 4.8.5 started.
> > >   Copyright Andrew Tridgell and the Samba Team 1992-2018
> > > [2018/10/16 18:29:56.934115,
> > > 0] ../source4/smbd/server.c:638(binary_smbd_main)
> > > binary_smbd_main: samba: using 'standard' process model
> > > [2018/10/16 18:29:57.251109,
> > > 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) /usr/sbin/krb5kdc:
> > > krb5kdc: starting...
> > > 
> > 
> > Is this on a red-hat OS using MIT for Samba ?
> > If so, I suggest you recompile Samba to use Heimdal instead. There
> > are numerous limitations with using MIT, because of these, using
> > MIT is still considered experimental.
> 
> It is Fedora Server and it uses MIT, these are default packages that
> come with the system.
> 

I would suggest you file a bug on Fedora, whilst you can provision an
AD DC with the Fedora packages, there are several problems that make
them unsuitable in production (Computer GPO's not applying, for
instance) and it looks like you may possibly have found another problem.

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba