User Tools

Site Tools


samba4_as_ad_dc

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
samba4_as_ad_dc [2015/09/10 18:30]
cbustillo [Configure DNS]
samba4_as_ad_dc [2015/09/10 21:55] (current)
cbustillo [Configure DNS]
Line 54: Line 54:
 === For Bind 9.8 / 9.9 === === For Bind 9.8 / 9.9 ===
  
-**//If you choosed for internal DNS, you can skkip this part//**. During provisioning/​upgrading,​ a file ('/​usr/​local/​samba/​private/​named.conf'​) was created, that must be included in your Bind named.conf:+**//If you choosed for internal DNS, you can skip this part//**. During provisioning/​upgrading,​ a file ('/​usr/​local/​samba/​private/​named.conf'​) was created, that must be included in your Bind named.conf:
 <​code>​ <​code>​
  ​include "/​usr/​local/​samba/​private/​named.conf";​  ​include "/​usr/​local/​samba/​private/​named.conf";​
Line 62: Line 62:
 <​code>​ <​code>​
  ​include "/​var/​lib/​samba/​private/​named.conf";​  ​include "/​var/​lib/​samba/​private/​named.conf";​
-</​code>​ 
- 
-If you are using Samba from SerNet, may be yoy need to adjust the following permissions,​ to grant access to Bind9 deamon: 
-<​code>​ 
- chgrp bind /​var/​lib/​samba/​private/​named.conf 
- chmod g+r /​var/​lib/​samba/​private/​named.conf 
- 
- chgrp bind /​var/​lib/​samba/​private/​dns.keytab 
- chmod g+r /​var/​lib/​samba/​private/​dns.keytab 
- 
- chgrp bind /​var/​lib/​samba/​private/​ 
 </​code>​ </​code>​
  
Line 111: Line 100:
 <​code>​ <​code>​
  # service bind9 restart  # service bind9 restart
 +</​code>​
 +
 +If after restarting Bind you receive an error regarding file permissions (this error occurs with SerNet packages), for instance:
 +
 +<​code>​
 +โ— bind9.service - BIND Domain Name Server
 +   ​Loaded:​ loaded (/​lib/​systemd/​system/​bind9.service;​ enabled)
 +  Drop-In: /​run/​systemd/​generator/​bind9.service.d
 +           ​โ””โ”€50-insserv.conf-$named.conf
 +   ​Active:​ failed (Result: exit-code) since Sun 2015-08-09 12:02:27 CDT; 5s ago
 +     Docs: man:​named(8)
 +  Process: 1101 ExecStop=/​usr/​sbin/​rndc stop (code=exited,​ status=1/​FAILURE)
 +  Process: 1097 ExecStart=/​usr/​sbin/​named -f -u bind (code=exited,​ status=1/​FAILURE)
 + Main PID: 1097 (code=exited,​ status=1/​FAILURE)
 +
 +Aug 09 12:02:27 dc2 named[1097]:​ using 1 UDP listener per interface
 +Aug 09 12:02:27 dc2 named[1097]:​ using up to 4096 sockets
 +Aug 09 12:02:27 dc2 named[1097]:​ loading configuration from '/​etc/​bind/​named.conf'​
 +Aug 09 12:02:27 dc2 named[1097]:​ /​etc/​bind/​named.conf:​12:​ open: /​var/​lib/​samba/​private/​named.conf:​ permission denied
 +Aug 09 12:02:27 dc2 named[1097]:​ loading configuration:​ permission denied
 +Aug 09 12:02:27 dc2 named[1097]:​ exiting (due to fatal error)
 +Aug 09 12:02:27 dc2 systemd[1]: bind9.service:​ main process exited, code=exited,​ status=1/​FAILURE
 +Aug 09 12:02:27 dc2 rndc[1101]: rndc: connect failed: 127.0.0.1#​953:​ connection refused
 +Aug 09 12:02:27 dc2 systemd[1]: bind9.service:​ control process exited, code=exited status=1
 +Aug 09 12:02:27 dc2 systemd[1]: Unit bind9.service entered failed state.
 +</​code>​
 +
 +The above means that bind can't read the above files added, so issue the following:
 +
 +<​code>​
 +# chmod 755 /​var/​lib/​samba/​private
 +</​code>​
 +
 +Finally start bind9 servive:
 +
 +<​code>​
 +# systemctl stop bind9
 +# systemctl start bind9
 +</​code>​
 +
 +If the error persists, try with:
 +
 +<​code>​
 +# chgrp bind /​var/​lib/​samba/​private/​named.conf
 +# chmod g+r /​var/​lib/​samba/​private/​named.conf
 +
 +# chgrp bind /​var/​lib/​samba/​private/​dns.keytab
 +# chmod g+r /​var/​lib/​samba/​private/​dns.keytab
 +
 +# chgrp bind /​var/​lib/​samba/​private/​
 </​code>​ </​code>​
  
samba4_as_ad_dc.txt ยท Last modified: 2015/09/10 21:55 by cbustillo