Hi all

I've given up on the idea that I can make a script to import our <domain>-zone into samba internal dns with samba-tool as it gets really messy with subdomains. Instead I'm now trying to get samba4 to let bind handle the <domain>-zone as well as dynamic updates and such.

The problem is that once I've started named and samba4 after provisioning, I try to test dynamic updates and it oopses with the message:
[root@puppettest01 var]# samba_dnsupdate --verbose --all-names
IPs: ['192.168.0.1']
Traceback (most recent call last):
  File "/usr/sbin/samba_dnsupdate", line 506, in <module>
    get_credentials(lp)
  File "/usr/sbin/samba_dnsupdate", line 119, in get_credentials
    creds.get_named_ccache(lp, ccachename)
RuntimeError: kinit for PUPPETTEST01$@NIEUWLAND.NL failed (Cannot contact any KDC for requested realm)

When looking at the debug output of bind, it doesn't seem to have loaded the DLZ module from samba4.

I tried this:
named -g -c /etc/bind/named.conf -u named -d3 2>&1 |grep -i dlz
07-Jun-2013 14:18:24.514 built with '--host=x86_64-redhat-linux-gnu' '--build=x86_64-redhat-linux-gnu' '--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-libtool' '--localstatedir=/var' '--enable-threads' '--enable-ipv6' '--with-pic' '--disable-static' '--disable-openssl-version-check' '--with-dlopen=yes' '--with-dlz-ldap=yes' '--with-dlz-postgres=yes' '--with-dlz-mysql=yes' '--with-dlz-filesystem=yes' '--with-dlz-stub=yes' '--with-gssapi=yes' '--disable-isc-spnego' '--with-docbook-xsl=/usr/share/sgml/docbook/xsl-stylesheets' '--enable-fixed-rrset' 'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu' 'CFLAGS= -O2 -g' 'CPPFLAGS= -DDIG_SIGCHASE'
07-Jun-2013 14:18:24.516 Registering DLZ_dlopen driver
07-Jun-2013 14:18:24.516 Registering SDLZ driver 'dlopen'
07-Jun-2013 14:18:24.516 Registering DLZ driver 'dlopen'

The packages samba4 (using git master from 2 days ago) and bind are self-compiled on another CentOS 6.4 machine. As you can see, the options '--with-gssapi=yes' and '--with-dlopen=yes' are set (this is 9.8.2 from the source rpm).

I followed the instructions on how to include /var/lib/samba4/private/named.conf and named.txt, however, that didn't work as advertised (cannot read /var/lib/samba4/private/named.conf, though it was readable by user named???), so I included the stuff in ...private/named.conf literally in the /etc/bind/named.conf (as you can see, the named.conf location is nonstandard, this is handled in /etc/sysconfig/named).

samba4 was provisioned for NIEUWLAND.NL as dc and BIND9_DLZ

I figure the problem lies in not loading the dlopen driver, which should probably look like:

03-Jun-2013 14:38:43.370 Loading 'AD DNS Zone' using driver dlopen
03-Jun-2013 14:38:43.371 Loading SDLZ driver.
03-Jun-2013 14:38:47.233 samba_dlz: started for DN DC=intranet01,DC=hom
03-Jun-2013 14:38:47.234 SDLZ driver loaded successfully.
03-Jun-2013 14:38:47.234 DLZ driver loaded successfully.
03-Jun-2013 14:38:47.235 samba_dlz: starting configure
03-Jun-2013 14:38:47.275 zone 200.168.192.in-addr.arpa/NONE: number of nodes in database: 0
03-Jun-2013 14:38:47.278 zone 200.168.192.in-addr.arpa/NONE: loaded; checking validity
03-Jun-2013 14:38:47.281 zone_settimer: zone 200.168.192.in-addr.arpa/NONE: enter
03-Jun-2013 14:38:47.282 samba_dlz: configured writeable zone '200.168.192.in-addr.arpa'
03-Jun-2013 14:38:47.284 zone intranet01.hom/NONE: number of nodes in database: 0
03-Jun-2013 14:38:47.286 zone intranet01.hom/NONE: loaded; checking validity

(I saw this in another mail to this list, but there bind was compiled from original sources and version 9.9.3)

I wonder which steps would be most likely to let bind load the driver for dlz? Should I suspect all the patches Red Hat includes in their source rpm? Or is it a configuration issue?

Cheers

Simon
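
An added example, not part of Simon's post and not Samba or BIND code: a shell function that reports how far DLZ start-up got in a named debug log, keyed on the log messages quoted in the post. The stage names and the file name in the usage comment are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: report how far DLZ start-up got in `named -g -d3` output.
# Stage names are labels chosen for this sketch, not BIND or Samba terms.

dlz_stage() {
    log=$(cat)                                   # whole log from stdin
    has() { printf '%s\n' "$log" | grep -q -- "$1"; }
    stage="no-dlz-messages"
    # Later checks overwrite earlier ones, so the last stage reached wins.
    has "Registering DLZ driver 'dlopen'"      && stage="driver-registered"
    has "using driver dlopen"                  && stage="instance-loading"
    has "samba_dlz: started for DN"            && stage="samba-module-started"
    has "DLZ driver loaded successfully"       && stage="instance-loaded"
    has "samba_dlz: configured writeable zone" && stage="zones-writeable"
    printf '%s\n' "$stage"
}

# Sample 1: the DLZ lines from the failing start-up in the post.
sample_failing() {
    cat <<'EOF'
07-Jun-2013 14:18:24.516 Registering DLZ_dlopen driver
07-Jun-2013 14:18:24.516 Registering SDLZ driver 'dlopen'
07-Jun-2013 14:18:24.516 Registering DLZ driver 'dlopen'
EOF
}

# Sample 2: the working start-up quoted in the post (abridged).
sample_working() {
    cat <<'EOF'
03-Jun-2013 14:38:43.370 Loading 'AD DNS Zone' using driver dlopen
03-Jun-2013 14:38:43.371 Loading SDLZ driver.
03-Jun-2013 14:38:47.233 samba_dlz: started for DN DC=intranet01,DC=hom
03-Jun-2013 14:38:47.234 SDLZ driver loaded successfully.
03-Jun-2013 14:38:47.234 DLZ driver loaded successfully.
03-Jun-2013 14:38:47.235 samba_dlz: starting configure
03-Jun-2013 14:38:47.282 samba_dlz: configured writeable zone '200.168.192.in-addr.arpa'
EOF
}

# Usage (named-debug.log is a hypothetical capture of the named output):
#   dlz_stage < named-debug.log
```

A result of `driver-registered` means the log contains the dlopen registration lines but no "Loading ... using driver dlopen" line for a DLZ database.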




