LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 09-25-2016, 05:45 AM   #1
vitronix
Member
 
Registered: Dec 2012
Posts: 56

Rep: Reputation: Disabled
Samba 4 bind9 problem


Hello good people of LinuxQuestions,

I'm running Debian 8.3 Jessie 64-bit

Samba version: 4.2.10-Debian

I'm trying to set up a samba 4 AD controller
When I try:

Code:
smbclient -L localhost -U%
Connection to localhost failed (Error NT_STATUS_CONNECTION_REFUSED)
I set up the domain controller using BIND9_DLZ for DNS.

syslog shows the problem:

Code:
Sep 23 13:23:46 virtdev named[842]: ----------------------------------------------------
Sep 23 13:23:46 virtdev named[842]: BIND 9 is maintained by Internet Systems Consortium,
Sep 23 13:23:46 virtdev named[842]: Inc. (ISC), a non-profit 501(c)(3) public-benefit
Sep 23 13:23:46 virtdev named[842]: corporation.  Support and training for BIND 9 are
Sep 23 13:23:46 virtdev named[842]: available at https://www.isc.org/support
Sep 23 13:23:46 virtdev named[842]: ----------------------------------------------------
Sep 23 13:23:46 virtdev named[842]: adjusted limit on open files from 4096 to 1048576
Sep 23 13:23:46 virtdev named[842]: found 1 CPU, using 1 worker thread
Sep 23 13:23:46 virtdev named[842]: using 1 UDP listener per interface
Sep 23 13:23:46 virtdev named[842]: using up to 4096 sockets
Sep 23 13:23:46 virtdev named[842]: loading configuration from '/etc/bind/named.conf'
Sep 23 13:23:46 virtdev named[842]: reading built-in trusted keys from file '/etc/bind/bind.keys'
Sep 23 13:23:46 virtdev named[842]: using default UDP/IPv4 port range: [1024, 65535]
Sep 23 13:23:46 virtdev named[842]: using default UDP/IPv6 port range: [1024, 65535]
Sep 23 13:23:46 virtdev named[842]: listening on IPv4 interface lo, 127.0.0.1#53
Sep 23 13:23:46 virtdev named[842]: listening on IPv4 interface eth0, 192.168.10.100#53
Sep 23 13:23:46 virtdev named[842]: generating session key for dynamic DNS
Sep 23 13:23:46 virtdev named[842]: sizing zone task pool based on 5 zones
Sep 23 13:23:46 virtdev named[842]: Loading 'AD DNS Zone' using driver dlopen
Sep 23 13:23:46 virtdev named[842]: samba_dlz: Failed to connect to /var/lib/samba/private/dns/sam.ldb
Sep 23 13:23:46 virtdev named[842]: dlz_dlopen of 'AD DNS Zone' failed
Sep 23 13:23:46 virtdev named[842]: SDLZ driver failed to load.
Sep 23 13:23:46 virtdev named[842]: DLZ driver failed to load.
Sep 23 13:23:46 virtdev named[842]: loading configuration: failure
Sep 23 13:23:46 virtdev named[842]: exiting (due to fatal error)
Sep 23 13:23:46 virtdev systemd[1]: bind9.service: main process exited, code=exited, status=1/FAILURE
Sep 23 13:23:46 virtdev rndc[861]: rndc: connect failed: 127.0.0.1#953: connection refused
Sep 23 13:23:46 virtdev systemd[1]: bind9.service: control process exited, code=exited status=1
Sep 23 13:23:46 virtdev systemd[1]: Unit bind9.service entered failed state.
My named.conf:

Code:
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the 
// structure of BIND configuration files in Debian, *BEFORE* you customize 
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
include "/var/lib/samba/private/named.conf";
named.conf.options:

Code:
options {
	directory "/var/cache/bind";

	// If there is a firewall between you and nameservers you want
	// to talk to, you may need to fix the firewall to allow multiple
	// ports to talk.  See http://www.kb.cert.org/vuls/id/800113

	// If your ISP provided one or more IP addresses for stable 
	// nameservers, you probably want to use them as forwarders.  
	// Uncomment the following block, and insert the addresses replacing 
	// the all-0's placeholder.

	forwarders {
	 	192.168.10.1;
	};

	//========================================================================
	// If BIND logs error messages about the root key being expired,
	// you will need to update your keys.  See https://www.isc.org/bind-keys
	//========================================================================
	dnssec-validation no;
        auth-nxdomain yes;  
        empty-zones-enable no;
 
        // Adding this Samba generated file will allow for automatic DDNS updates
        tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";
};
I forgot something and fixed it: /var/lib/samba/named.conf was owned by root, I changed the owner to bind after that I installed the winbind package and now thins are running fine :-)

So this should be marked as SOLVED but I don't know how to do that

Last edited by vitronix; 09-25-2016 at 07:53 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
bind9 problem !! hack-back !! Linux - Software 4 02-04-2015 10:59 AM
bind9 problem !! hack-back !! Linux - Software 1 12-17-2014 12:52 PM
Problem with Bind9 rytec Linux - Server 7 09-02-2009 05:26 PM
Bind9 is interfering with samba rbees Linux - Server 34 01-17-2008 05:10 PM
Bind9 problem WiWa Linux - Networking 3 06-06-2004 06:27 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 06:46 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration