Web lists-archives.com

Re: [Samba] samba_dnsupdate options: --use-samba-tool vs. --use-nsupdate, and dhcpd dynamic updates




On Thu, 10 Jan 2019 22:23:41 +0000 (UTC)
Billy Bob <billysbobs@xxxxxxxxx> wrote:

>  
> 
>     On Thursday, January 10, 2019 2:56 PM, Rowland Penny via samba
> <samba@xxxxxxxxxxxxxxx> wrote: 
> 
>  
> >Uncomment line 10, adjust it for prefix if Samba isn't in /usr/local and then try again.
> Here it is with script properly configured.
> Regarding the later lines having to do with the script, I clearly don't know what exactly is causing them. But surely they are all
> somehow part of this update process?
> 
> Jan 10 15:46:23 dc01 dhcpd[1208]: Commit: IP: 172.20.10.165 DHCID: 1:d4:be:d9:22:9f:7d Name: mgmt01
> Jan 10 15:46:23 dc01 dhcpd[1208]: execute_statement argv[0] = /usr/local/bin/dhcp-dyndns.sh
> Jan 10 15:46:23 dc01 dhcpd[1208]: execute_statement argv[1] = add
> Jan 10 15:46:23 dc01 dhcpd[1208]: execute_statement argv[2] = 172.20.10.165
> Jan 10 15:46:23 dc01 dhcpd[1208]: execute_statement argv[3] = 1:d4:be:d9:22:9f:7d
> Jan 10 15:46:23 dc01 dhcpd[1208]: execute_statement argv[4] = mgmt01

The above lines are from dhcpd.conf, where it is trying to run dhcp-dyndns.sh

> Jan 10 15:46:23 dc01 sh[1208]: Reply from SOA query:
> Jan 10 15:46:23 dc01 sh[1208]: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id:  65508
> Jan 10 15:46:23 dc01 sh[1208]: ;; flags: qr aa ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> Jan 10 15:46:23 dc01 sh[1208]: ;; QUESTION SECTION:
> Jan 10 15:46:23 dc01 sh[1208]: ;mgmt01.corp.<DOMAIN>.com. IN        SOA
> Jan 10 15:46:23 dc01 sh[1208]: ;; AUTHORITY SECTION:
> Jan 10 15:46:23 dc01 sh[1208]: corp.<DOMAIN>.com. 0        IN        SOA dc01.corp.<DOMAIN>.com. hostmaster.corp.<DOMAIN>.com. 38 900 600 86400 3600
> Jan 10 15:46:23 dc01 sh[1208]: Found zone name: corp.<DOMAIN>.com
> Jan 10 15:46:23 dc01 sh[1208]: The master is: dc01.corp.<DOMAIN>.com
> Jan 10 15:46:23 dc01 sh[1208]: start_gssrequest
> Jan 10 15:46:23 dc01 sh[1208]: send_gssrequest
> Jan 10 15:46:23 dc01 sh[1208]: Outgoing update query:
> Jan 10 15:46:23 dc01 sh[1208]: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22388
> Jan 10 15:46:23 dc01 sh[1208]: ;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> Jan 10 15:46:23 dc01 sh[1208]: ;; QUESTION SECTION:
> Jan 10 15:46:23 dc01 sh[1208]: ;3756749263.sig-dc01.corp.<DOMAIN>.com. ANY        TKEY
> Jan 10 15:46:23 dc01 sh[1208]: ;; ADDITIONAL SECTION:
> Jan 10 15:46:23 dc01 sh[1208]: 3756749263.sig-dc01.corp.<DOMAIN>.com. 0 ANY TKEY        gss-tsig. 1547156783 1547156783 3 NOERROR 1397
> YIIFcQYGKwYBBQUCoIIFZTCCBWGgDTALBgkqhkiG9xIBAgKiggVOBIIFSmCCBUYGCSqGSIb3EgECAgEAboIFNTCCBTGgAwIBBaEDAgEOo
> Jan 10 15:46:23 dc01 sh[1208]: recvmsg reply from GSS-TSIG query
> Jan 10 15:46:23 dc01 sh[1208]: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:  22388
> Jan 10 15:46:23 dc01 sh[1208]: ;; flags: qr ra; QUESTION: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> Jan 10 15:46:23 dc01 sh[1208]: ;; QUESTION SECTION:
> Jan 10 15:46:23 dc01 sh[1208]: ;3756749263.sig-dc01.corp.<DOMAIN>.com. ANY        TKEY
> Jan 10 15:46:23 dc01 sh[1208]: ;; ANSWER SECTION:
> Jan 10 15:46:23 dc01 sh[1208]: 3756749263.sig-dc01.corp.<DOMAIN>.com. 0 ANY TKEY gss-tsig. 0 0 3 BADKEY 0  0
> Jan 10 15:46:23 dc01 sh[1208]: dns_tkey_gssnegotiate: TKEY is unacceptable
> Jan 10 15:46:23 dc01 sh[1208]: Reply from SOA query:
> Jan 10 15:46:23 dc01 sh[1208]: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id:   9273
> Jan 10 15:46:23 dc01 sh[1208]: ;; flags: qr aa ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> Jan 10 15:46:23 dc01 sh[1208]: ;; QUESTION SECTION:
> Jan 10 15:46:23 dc01 sh[1208]: ;165.10.20.172.in-addr.arpa.        IN        SOA
> Jan 10 15:46:23 dc01 sh[1208]: ;; AUTHORITY SECTION:
> Jan 10 15:46:23 dc01 sh[1208]: 10.20.172.in-addr.arpa.        0        IN SOA dc01.corp.<DOMAIN>.com. hostmaster.corp.<DOMAIN>.com. 2 900 600 86400 3600
> Jan 10 15:46:23 dc01 sh[1208]: Found zone name: 10.20.172.in-addr.arpa
> Jan 10 15:46:23 dc01 sh[1208]: The master is: dc01.corp.<DOMAIN>.com
> Jan 10 15:46:23 dc01 sh[1208]: start_gssrequest
> Jan 10 15:46:23 dc01 sh[1208]: send_gssrequest
> Jan 10 15:46:23 dc01 sh[1208]: Outgoing update query:
> Jan 10 15:46:23 dc01 sh[1208]: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58152
> Jan 10 15:46:23 dc01 sh[1208]: ;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> Jan 10 15:46:23 dc01 sh[1208]: ;; QUESTION SECTION:
> Jan 10 15:46:23 dc01 sh[1208]: ;2065761415.sig-dc01.corp.<DOMAIN>.com. ANY        TKEY
> Jan 10 15:46:23 dc01 sh[1208]: ;; ADDITIONAL SECTION:
> Jan 10 15:46:23 dc01 sh[1208]: 2065761415.sig-dc01.corp.<DOMAIN>.com. 0 ANY TKEY        gss-tsig. 1547156783 1547156783 3 NOERROR 1396
> YIIFcAYGKwYBBQUCoIIFZDCCBWCgDTALBgkqhkiG9xIBAgKiggVNBIIFSWCCBUUGCSqGSIb3EgECAgEAboIFNDCCBTCgAwIBBaEDAgEOo
> Jan 10 15:46:23 dc01 sh[1208]: recvmsg reply from GSS-TSIG query
> Jan 10 15:46:23 dc01 sh[1208]: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:  58152
> Jan 10 15:46:23 dc01 sh[1208]: ;; flags: qr ra; QUESTION: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> Jan 10 15:46:23 dc01 sh[1208]: ;; QUESTION SECTION:
> Jan 10 15:46:23 dc01 sh[1208]: ;2065761415.sig-dc01.corp.<DOMAIN>.com. ANY        TKEY
> Jan 10 15:46:23 dc01 sh[1208]: ;; ANSWER SECTION:
> Jan 10 15:46:23 dc01 sh[1208]: 2065761415.sig-dc01.corp.<DOMAIN>.com. 0 ANY TKEY gss-tsig. 0 0 3 BADKEY 0  0
> Jan 10 15:46:23 dc01 sh[1208]: dns_tkey_gssnegotiate: TKEY is unacceptable

I have no idea where the above is coming from, but it isn't from the dhcp scripts.

> Jan 10 15:46:23 dc01 dhcpd[1208]:
> execute: /usr/local/bin/dhcp-dyndns.sh exit status 2816

The above line shows that dhcp-dyndns.sh is failing, turn on debug in the script to find out why.

> Jan 10 15:46:23 dc01 dhcpd[1208]: DHCPREQUEST for 172.20.10.165 from d4:be:d9:22:9f:7d (mgmt01) via eno1
> Jan 10 15:46:23 dc01 dhcpd[1208]: DHCPACK on 172.20.10.165 to d4:be:d9:22:9f:7d (mgmt01) via eno1

The above two lines are from dhcpd
 
Rowland


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba