Re: Fwd: Error start bind9 samba4 BIND9_DLZ

Daniele Dario

Sep 24, 2013, 3:01:59 AM
Hi Jacó,
I'm not a developer but this is just my cent.

I guess the join has succeeded.
Did you check the required DNS entries of the new host as stated in the
wiki?
Did you check also the apparmor profile to give the right permissions to
bind to access files as stated in
https://wiki.samba.org/index.php/Dns-backend_bind#Interaction_with_AppArmor_or_SELinux ?

I'm using ubuntu and this is the section I added
to /etc/apparmor.d/usr.sbin.named to get it working.

# samba4 related
/usr/local/samba/etc/** r,
/usr/local/samba/private/dns.keytab krw,
/usr/local/samba/private/dns/** krw,
/usr/local/samba/private/dns/ krw,
/usr/local/samba/private/named.conf r,

# libdlz_bind9 modules need to be accessed
/usr/local/samba/lib/** mr,
/usr/local/samba/modules/** mr,

# with libdlz_bind9, named needs to access /var/TMP/DNS-${HOSTNAME}_xxx tickets
/var/tmp/** rw,
/tmp/** rw,

Hope this helps,
Daniele.

On Mon, 2013-09-23 at 19:42 -0300, Jacó Ramos wrote:
> How to resolve this?
>
> /etc/init.d/bind9 start
>
> root@samba:~# tail -f /var/log/syslog
> Sep 23 11:01:24 samba named[2558]: listening on IPv4 interface eth0, 128.1.6.197#53
> Sep 23 11:01:24 samba named[2558]: generating session key for dynamic DNS
> Sep 23 11:01:24 samba named[2558]: sizing zone task pool based on 5 zones
> Sep 23 11:01:24 samba named[2558]: Loading 'AD DNS Zone' using driver dlopen
> Sep 23 11:01:24 samba named[2558]: samba_dlz: Unable to get basedn for /usr/local/samba/private/dns/sam.ldb - NULL Base DN invalid for a base search
> Sep 23 11:01:24 samba named[2558]: dlz_dlopen of 'AD DNS Zone' failed
> Sep 23 11:01:24 samba named[2558]: SDLZ driver failed to load.
> Sep 23 11:01:24 samba named[2558]: DLZ driver failed to load.
> Sep 23 11:01:24 samba named[2558]: loading configuration: failure
> Sep 23 11:01:24 samba named[2558]: exiting (due to fatal error)
>
> Command used:
>
> /usr/local/samba/bin/samba-tool domain join dominiolinux.net.br DC -U administrador --realm=DOMINIOLINUX.NET.BR --dns-backend=BIND9_DLZ
>
>
> I am using samba4 4.0.4 and debian 7 and Windows 2003 Server.
>
> Thanks!
> --
>
> "Man was not created to be happy nor to win, but to live for God. When he lives for God, he is happy and wins." Isaltino Gomes
>
> $whoami
>
> - Computer Forensics Expert
> - Pentester
> - Specialist in Computer Network Security with emphasis on Computer Forensics - FACID
> - Bachelor of Computer Science - UESPI
> - Computer Network Administrator
> - CCNA Module II
> - Lattes: http://lattes.cnpq.br/1591329268136905
>
> This message may contain confidential and/or privileged information. If
> you are not the addressee or the person authorized to receive this message,
> you must not use, copy or disclose the information contained in it or take
> any action based on that information.
>

Jacó Ramos

Sep 24, 2013, 6:38:01 AM
Hi Dario,

cp /usr/local/samba/private/sam.ldb /usr/local/samba/private/dns
cp /usr/local/samba/private/sam.ldb.d /usr/local/samba/private/dns


and

chmod 777 /usr/local/samba/private/dns/*

and dns works fine!

Thanks.
Jacó Ramos

Rowland Penny

Sep 24, 2013, 6:55:48 AM
On 24/09/13 11:38, Jacó Ramos wrote:
> Hi Dario,
>
> cp /usr/local/samba/private/sam.ldb /usr/local/samba/private/dns
> cp /usr/local/samba/private/sam.ldb.d /usr/local/samba/private/dns
>
>
> and
>
> chmod 777 /usr/local/samba/private/dns/*
>
> and dns works fine!
>
> Thanks.
> Jacó Ramos
>
>
Hi, sorry but you have got it wrong, it needs to be hard linked, see
here: https://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC

and here:
https://wiki.samba.org/index.php/Dns-backend_bind#New_added_DNS_entries_are_not_resolvable

Rowland

Jacó Ramos

Sep 24, 2013, 7:10:57 AM
When run :

samba-upgradedns --dns-backend=BIND9_DLZ

Cannot create AD based DNS for OS Level < 2003

and now ?

Thanks.
Jacó Ramos



Daniele Dario

Sep 24, 2013, 10:11:53 AM
On Tue, 2013-09-24 at 08:10 -0300, Jacó Ramos wrote:
> When run :
>
>
> samba-upgradedns --dns-backend=BIND9_DLZ
> Cannot create AD based DNS for OS Level < 2003
> and now ?
Hi Jacó,
could it be that your domain/forest level is < 2003?

try to run
# samba-tool domain level show
to see the domain/forest levels.

Did you provision the domain on samba AD DC or did you join it to an
existing domain?

BTW as Rowland said the private/dns content has to be hard linked and
not a simple copy. Samba updates its private/sam.ldb and
private/sam.ldb.d/* files. Files on private/dns won't be updated, that's
why they have to be links to the original ones.

A side note about permissions: it would be safer to restrict permissions
to bind/named so as stated in the wiki you can

# chown named:named /usr/local/samba/private/dns
# chgrp named /usr/local/samba/private/dns.keytab
# chmod g+r /usr/local/samba/private/dns.keytab
# chmod 775 /usr/local/samba/private/dns

Daniele.
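
Added example, not part of the original thread or the Samba wiki: a shell function that checks the two points raised above, whether the files under private/dns/sam.ldb.d are the same inodes as their namesakes in private/sam.ldb.d or independent copies, and whether a chmod 777 left anything world-writable. The function name audit_dlz_dir is hypothetical, the default path is the one used in this thread, and treating every copy as a finding follows the statement above that the private/dns content has to be linked; check the wiki for which files that covers.

```sh
#!/bin/sh
# Added example (not from the thread). audit_dlz_dir is a hypothetical helper
# name; the default directory is the Samba private path used in this thread.
# Usage: . ./audit_dlz.sh; audit_dlz_dir [private-dir]
# Prints one finding per line; returns 0 if nothing was flagged, 1 otherwise.

audit_dlz_dir() {
    private=${1:-/usr/local/samba/private}
    rc=0

    # 1. Link check: compare each file in dns/sam.ldb.d with its namesake in
    #    sam.ldb.d. "-ef" is true only when both names resolve to the same
    #    file (same device and inode), so a file made with cp fails it and
    #    will never see the updates Samba writes to the original.
    for dst in "$private"/dns/sam.ldb.d/*; do
        [ -f "$dst" ] || continue
        name=${dst##*/}
        src=$private/sam.ldb.d/$name
        [ -f "$src" ] || continue
        if [ "$src" -ef "$dst" ]; then
            echo "LINKED $name"
        else
            echo "COPY $name"
            rc=1
        fi
    done

    # 2. Permission check: list anything under dns/ (and the keytab) that is
    #    world-writable, which is the state "chmod 777" leaves behind.
    for p in "$private/dns" "$private/dns.keytab"; do
        [ -e "$p" ] || continue
        ww=$(find "$p" ! -type l -perm -0002 2>/dev/null || true)
        [ -n "$ww" ] || continue
        echo "$ww" | sed 's/^/WORLD-WRITABLE /'
        rc=1
    done

    return "$rc"
}
```

Because a hard link shares its inode with the original, tightening the mode on a linked file also changes the mode seen through the path under private/sam.ldb.d.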

Taylor, Jonn

Sep 24, 2013, 10:46:02 AM
If your domain level is 2003 you will not be able to join samba4 with
bind backend. There is a bug open for this. It duplicates your dns zone
and bind will not start.

https://bugzilla.samba.org/show_bug.cgi?id=9210

Jonn

Jacó Ramos

Sep 24, 2013, 10:58:12 AM
Bind9 is finding sam.ldb in /usr/local/samba/private/dns but file is in
/usr/local/samba/private.

Thanks.
Jacó Ramos





Taylor, Jonn

Sep 24, 2013, 10:59:49 AM
On 09/24/2013 09:58 AM, Jacó Ramos wrote:
> Bind9 is finding sam.ldb in /usr/local/samba/private/dns but file is
> in /usr/local/samba/private.
>
> Thanks.
> Jacó Ramos
Did you create the links as per the wiki?

Jonn

Jacó Ramos

Sep 24, 2013, 11:04:16 AM
No,

I run for resolves:

samba_updatedns --dns-backend=BIND9_DLZ, but not run .

255 root@samba /usr/local/samba/private/dns # samba_upgradedns --dns-backend=BIND9_DLZ
Reading domain information
Cannot create AD based DNS for OS level < 2003
1 root@samba /usr/local/samba/private/dns #

Thanks.
Jacó Ramos



Rowland Penny

Sep 24, 2013, 11:42:01 AM
Hi, what are you trying to join the DC to? is it another samba4 machine
or a windows server, if a windows server, what version of windows. Also
what versions of samba4?

Rowland

Jacó Ramos

Sep 24, 2013, 12:00:00 PM
I try to join the DC (Windows 2003 Server).

I am using samba 4.0.9.


Rowland Penny

Sep 24, 2013, 12:48:42 PM
On 24/09/13 17:00, Jacó Ramos wrote:
> I try to join the DC (Windows 2003 Server).
>
> I am using samba 4.0.9.
>
> Thanks.
> Jacó Ramos
>
>
Hmm, I wonder if that is the problem, bind is trying to get the required
data from the windows server and it isn't there.

I run a samba4 only setup and just set the main server up with 4.1.0rc3
and bind 9.9.3 and then joined another DC to this, same samba4 version
and again bind 9.9.3 absolutely no problem. I do remember though, that
the last time I did this (and it was also the first time I did it), I
tried to use the internal DNS server on the second DC and had all sorts
of problems until I moved the second DC to bind9 as well.

So it just may be that you have found a bug, i.e. samba4 & bind cannot
join a domain if the main DC is a windows server.

Have you tried turning off bind9 and then doing the join again, but this
time without ' --dns-backend=BIND9_DLZ', if it does join ok, then the
problem must be with your setup.

Just had another thought, the windows server is operating as a DNS
server isn't it?

Rowland

Jacó Ramos

Sep 24, 2013, 5:03:16 PM
Yes, the windows server is operating as a DNS server!

And want a secondary DNS in samba4 server!

Thanks.
Jacó Ramos

Rowland Penny

Sep 25, 2013, 4:02:39 AM
On 24/09/13 22:03, Jacó Ramos wrote:
> Yes, the windows server is operating as a DNS server!
>
> And want a secondary DNS in samba4 server!
>
> Thanks.
> Jacó Ramos
>
I repeat, have you tried turning off bind9 and then doing the join again
without '--dns-backend=BIND9_DLZ', samba4 has its own built in DNS server.

This may get you a working secondary server and will confirm that there
is a problem with samba4/bind9 with a main windows server.

Rowland
