LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   /usr/sbin/named error? (https://www.linuxquestions.org/questions/linux-networking-3/usr-sbin-named-error-86198/)

TongueTied 08-27-2003 06:20 AM

/usr/sbin/named error?
 
I found the following in my messages file and was wondering what it means. Can anyone help?

Aug 27 07:12:46 myserver /usr/sbin/named[1403]: client 192.168.1.12#4469: update denied
Aug 27 07:12:46 myserver /usr/sbin/named[1403]: client 192.168.1.12#4474: update denied

myserver is the linux server name and 192.168.1.12 is one of the win2k boxes on the network. I seem to be getting this message for all the windows machines on the network not just the one listed in the message.

Any ideas what this might be from?

cnjohnson 08-27-2003 07:38 AM

Re: /usr/sbin/named error?
 
Quote:

Originally posted by TongueTied
I found the following in my messages file and was wondering what it means. Can anyone help?

[edited]

Any ideas what this might be from?

It means what it says. Client 192.168.1.12 sent a dynamic update request (from ports 4469 and 4474) and your server refused to process it. The way to put a stop to it depends. If you want this host to be permitted to send dynamic update requests, put an allow-update clause at the appropriate place in named.conf. If you don't, go to all the Win2k boxes and stop them from requesting to update DNS. Enabling dynamic DNS is fraught with security problems: allowed hosts can pretty much add or remove whatever they like from a zone. And it's no longer possible to manually maintain a zone file once the zone is subject to dynamic updates.

Cheers--
Charles

TongueTied 08-27-2003 08:39 PM

Thanks Charles.
However, I don’t have dhcp running (or even installed) on any of the machines. Could this be a result of the “Register this connection’s address in DNS” checkbox found on the DNS tab of the advanced settings for TCPIP on the win2k machines?

If not, how would I stop the windoz machines from attempting to update the DNS record?
Cheers,
Philip

cnjohnson 08-28-2003 07:41 AM

Quote:

Originally posted by TongueTied
Thanks Charles.
However, I don’t have dhcp running (or even installed) on any of the machines. Could this be a result of the “Register this connection’s address in DNS” checkbox found on the DNS tab of the advanced settings for TCPIP on the win2k machines?

[edited]
Cheers,
Philip

Yes, you are on the right track. My co. no longer uses Win2k boxes, but IIRC, it was something like that which hushed them up. In any event, start poking the Win2k boxes...you don't need their chatter on the network. :)

Cheers--
Charles

TongueTied 08-28-2003 09:34 PM

Thanks Charles,
That seemed to have been it. I am no longer getting the message in the messages log.

If you don't mind me asking, if you don't use win2k boxes anymore, what are you using? I have one winxp box and it also requires the same fix. Have you deployed linux as a desktop solution? I would love to be able to do that but right now, my co. has too much os specific software.

Anyway, thanks for the help.
Cheers,
Philip

cnjohnson 08-29-2003 07:35 AM

Quote:

Originally posted by TongueTied

[edited]
If you don't mind me asking, if you don't use win2k boxes anymore, what are you using? I have one winxp box and it also requires the same fix. Have you deployed linux as a desktop solution?
[edited]
Philip

We have about 850 PC's deployed. Our vendor (who is soon about to not to be our vendor) no longer supports Win98, so we have a few XP boxes, but the rest are RH desktops. Slowly, but surely, we'll be linux everywhere. We will not be completely shed of Microsoft (nor do we want to be) because there are a few people who really do need the complete functionality that Office offers, but most of our users (clinical psychologists, LCSW's and the like) need a web browser for access to our browser based applications, and a functional office suite, which we give them in mozilla and open office.

Cheers--
Charles


All times are GMT -5. The time now is 03:08 AM.