Or could be reverse lookup is not working... root@sogo:~# nslookup sogo Server: 172.16.1.7 Address: 172.16.1.7#53
Name: sogo.example.com Address: 172.16.1.7 root@sogo:~# nslookup 172.16.1.7 Server: 172.16.1.7 Address: 172.16.1.7#53 ** server can't find 7.1.16.172.in-addr.arpa: SERVFAIL On Sat, Oct 6, 2012 at 10:22 PM, John Russell <jb.fr...@gmail.com> wrote: > Finally got DNS partially working, the following tests were successful: > host -t SRV _ldap._tcp.example.com. > host -t SRV _kerberos._udp.example.com. > host -t A sogo.example.com. > > Still can not join any windows clients (XP or 7) to the EXAMPLE.COMdomain. > Tried provisioning SAMBA with both --dns-backend=BIND9_DLZ and then > --dns-backend=SAMBA_INTERNAL but both return "update failed: REFUSED" > > So DNS now seems to be having permission problems? > > Attached are outputs from "samba_dnsupdate --verbose --all-names" and the > subsequent "tail /var/log/syslog". Any ideas? > > > On Fri, Sep 21, 2012 at 4:30 AM, John Russell <jb.fr...@gmail.com> wrote: > >> Thought for sure this was a real bug, but you are correct Mr. Bartlett, >> thats just how the SMB protocol works. I verified this with another >> wireshark capture from the same XP machine and a working SAMBA4 appliance >> from Sernet. This second capture also reveals that bind9 is still having >> issues on the SOGo appliance. The host machine registers itself into the >> DNS zone, but will not add client machines when they try to join the >> domain. How do I use the internal DNS service with SAMBA4? >> >> >> On Fri, Sep 21, 2012 at 2:24 AM, Andrew Bartlett <abart...@samba.org>wrote: >> >>> On Sat, 2012-09-15 at 11:02 -0400, John Russell wrote: >>> > Ran wireshark on the XP client while joining the domain and saw SAM >>> LOGON >>> > request from client and SAM Active Directory Response - user unknown. >>> > >>> > I noticed on the request and the response packets the user name field >>> in >>> > the packet is blank (yes, I am typing the user name and password into >>> the >>> > prompt from the XP machine!). >>> > >>> > Any ideas on what causes this? >>> >>> While an odd feature of the protocol, this is actually a normal >>> successful response to the expected packet. (Essentially, this is a >>> historical oddity from a time when asking if a server knew about a user >>> over an un-authenticated UDP packet wasn't considered a >>> security/confidentially issue). >>> >>> -- >>> Andrew Bartlett >>> http://samba.org/~abartlet/ >>> Authentication Developer, Samba Team http://samba.org >>> >>> >>> >> >> >> -- >> "It's better to be boldly decisive and risk being wrong than to agonize >> at length and be right too late." >> Marilyn Moats Kennedy >> > > > > -- > "It's better to be boldly decisive and risk being wrong than to agonize at > length and be right too late." > Marilyn Moats Kennedy > -- "It's better to be boldly decisive and risk being wrong than to agonize at length and be right too late." Marilyn Moats Kennedy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba