On Sat, 2012-09-29 at 04:10 +0400, Dmitry Khromov wrote: > Hello. > > We have a couple of questions regarding Samba 4.1.0pre1-GIT-aad669b running > on Gentoo GNU/Linux
> 2) We have a problem with Samba refusing to update DNS records with Gentoo's > BIND 9.9.1_p3 (GSSAPI, DLZ) > BIND log says: > ... > named[12365]: samba_dlz: configured writeable zone 'klin.kifato-mk.com' > named[12365]: samba_dlz: configured writeable zone '172.in-addr.arpa' > ... > named[12365]: samba b9_putrr: unhandled record type 65281 > named[12365]: samba_dlz: starting transaction on zone klin.kifato-mk.com > named[12365]: client 192.168.1.32#1039: view realdns: update > 'klin.kifato-mk.com/IN' denied > named[12365]: samba_dlz: cancelling transaction on zone klin.kifato-mk.com > log.samba says: > ../lib/util/util_runcmd.c:334(samba_runcmd_io_handler) > /usr/local/samba/sbin/samba_dnsupdate: dns_tkey_negotiategss: TKEY is > unacceptable > > Related parts of named.conf: > options { > ... > tkey-gssapi-keytab "/usr/local/samba/private/dns.keytab"; > ... > }; > view realdns { > ... > dlz "AD DNS Zones" { > database "dlopen /usr/local/samba/lib/bind9/dlz_bind9_9.so"; > }; > ... > }; > The only suggestion I have here is to try turning up the debug level in the smb.conf, in the dope that we can get more detail on: named[12365]: client 192.168.1.32#1039: view realdns: update 'klin.kifato-mk.com/IN' denied Sorry, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba