Web lists-archives.com

Re: [Samba] dlz_bind9_9.so: failed to map segment from shared object

On 25/05/2019 22:39, Maurizio Caloro wrote:
>Sorry, but this is not the file created by the provision.

Please how i can find the correct file that was create with the provision ?

I would have expected something like this:

# This DNS configuration is for BIND 9.8.0 or later with dlz_dlopen support.
# This file should be included in your main BIND configuration file
# For example with
# include "/var/lib/samba/bind-dns/named.conf";

# This configures dynamically loadable zones (DLZ) from AD schema
# Uncomment only single database line, depending on your BIND version
dlz "AD DNS Zone" {
    # For BIND 9.8.x
    # database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9.so";

    # For BIND 9.9.x
    # database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_9.so";

    # For BIND 9.10.x
     database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_10.so";

    # For BIND 9.11.x
    # database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_11.so";

But if you are sure that you haven't changed your version, then I will just have to accept that.

And how i can read and learn more about the creation of Samba AD integration.

Start here:



These are my Bind9 conf files:

cat /etc/bind/named.conf

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";

cat /etc/bind/named.conf.options
options {
    directory "/var/cache/bind";
    version "0.0.7";
    notify no;
    empty-zones-enable no;
    allow-query {;; };
    allow-recursion {;; };
    forwarders {;; };
    allow-transfer { none; };
    dnssec-validation no;
    dnssec-enable no;
    dnssec-lookaside no;
    listen-on-v6 { none; };
    listen-on port 53 {;; };

    tkey-gssapi-keytab "/var/lib/samba/bind-dns/dns.keytab";

cat /etc/bind/named.conf.local
include "/var/lib/samba/bind-dns/named.conf";

cat /etc/bind/named.conf.default-zones
// prime the server with knowledge of the root servers
zone "." {
    type hint;
    file "/etc/bind/db.root";

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
    type master;
    file "/etc/bind/db.local";

zone "127.in-addr.arpa" {
    type master;
    file "/etc/bind/db.127";

zone "0.in-addr.arpa" {
    type master;
    file "/etc/bind/db.0";

zone "255.in-addr.arpa" {
    type master;
    file "/etc/bind/db.255";

Sorry i understand that "flatfile" but i don't know what i need to configure.......
You need to remove those zones from your named.conf files, but this will not help if your REALM does not equal your dns domain in UPPERCASE. To put this simply, if your dns domain name is 'example.com', then your AD REALM must be 'EXAMPLE.COM', your NetBIOS domain (also known as 'workgroup') could be 'EXAMPLE', but it could also be anything, just as long as it is 15 characters or less and doesn't contain a dot '.'


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba