On 09/10/13 20:15, Scott Goodwin wrote:
Thanks for the advice Steve. I had actually tried this before, and it did
work temporarily, but after a few hours, the updates starting failing again.
This is so weird! Why is this happening? I have nothing but respect for
the samba team and all their hard work, but egads, I just can't figure out
why such a critical issue is still running rampant. (Ok, so it's not
critical in the sense that all your clients are down, and they can't work.
But heck, every time a pc gets a new dhcp lease, I have to change it by
hand, and that becomes a maintenance nightmare).
I'm being completely serious when I say this: how do larger companies that
have rolled out samba4 cope with this issue? Is there some workaround I'm
not aware of?
*Scott Goodwin*
IT Lead
Mimic Technologies, Inc
811 First Avenue, Suite 408 | Seattle, WA 98104
phone: 1.800.918.1670 | direct: 206.456.9180
fax: 206.623.3491 | cell: 206.355.7767
On Tue, Oct 8, 2013 at 11:56 PM, steve <st...@steve-ss.com> wrote:
On Tue, 2013-10-08 at 22:59 -0700, Scott Goodwin wrote:
* Samba4 with BIND_DLZ (with windows clients updating AD via kerberos)
Dammit this is so close! But Windows client dns updates do not work.
Actually, they worked at first, then they stopped working. Errors like
this:
Oct 8 21:38:16 earl named[7695]: samba_dlz: starting transaction on zone
mydomain.com
Oct 8 21:38:16 earl named[7695]: client 10.2.2.227#52980: update '
mydomain.com/IN' denied
Oct 8 21:38:16 earl named[7695]: samba_dlz: cancelling transaction on
zone
mydomain.com
This is a decidedly ubiquitous problem out there, and one can google on
this for hours, with no solid fixes or answers. Per this guy's
advice<
http://article.gmane.org/gmane.network.samba.general/131081/match=>I
downloaded and compiled bind 9.8, and also 9.9 (just for good measure)
using the proper flags ( --with-dlopen=yes,
--with-gssapi=/usr/include/gssapi, and WITHOUT the flag
--disable-isc-spnego). After I did this, it actually worked for a few
hours! Then all of a sudden, stopped working with the above errors
littering my named.log again.
Hi
Do you have CNAME's? If not, then it's just because you've tried
different Samba versions but with the same dns records. Try deleting the
old machine record so that a new one corresponding to your new install
will recreate it at the next update request. I don't know your domain
names and finding the DN for the machine took some working out, but I've
an example here:
http://linuxcostablanca.blogspot.com.es/2013/09/samba4-bind9dlz-stale-dns-records-with.html
HTH
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Hi, try starting here:
http://blog.michael.kuron-germany.de/2011/02/isc-dhcpd-dynamic-dns-updates-against-secure-microsoft-dns/
Rowland
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
