This shows you the differences between two versions of the page.
samba4_as_ad_dc [2015/06/29 16:10] 127.0.0.1 external edit |
samba4_as_ad_dc [2015/09/11 01:55] cbustillo [Configure DNS] |
||
---|---|---|---|
Line 54: | Line 54: | ||
=== For Bind 9.8 / 9.9 === | === For Bind 9.8 / 9.9 === | ||
- | **//If you choosed for internal DNS, you can skkip this part//**. During provisioning/upgrading, a file ('/usr/local/samba/private/named.conf') was created, that must be included in your Bind named.conf: | + | **//If you choosed for internal DNS, you can skip this part//**. During provisioning/upgrading, a file ('/usr/local/samba/private/named.conf') was created, that must be included in your Bind named.conf: |
<code> | <code> | ||
include "/usr/local/samba/private/named.conf"; | include "/usr/local/samba/private/named.conf"; | ||
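Review bot: The corrected sentence on the right still reads "If you choosed for internal DNS" after "skkip" was fixed. Suggest "If you chose the internal DNS, you can skip this part" so the whole sentence is corrected in the same revision.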
Line 62: | Line 62: | ||
<code> | <code> | ||
include "/var/lib/samba/private/named.conf"; | include "/var/lib/samba/private/named.conf"; | ||
- | </code> | ||
- | |||
- | If you are using Samba from SerNet, you must do to adjust the following permissions, to grant access to Bind9 deamon: | ||
- | <code> | ||
- | chgrp bind /var/lib/samba/private/named.conf | ||
- | chmod g+r /var/lib/samba/private/named.conf | ||
- | |||
- | chgrp bind /var/lib/samba/private/dns.keytab | ||
- | chmod g+r /var/lib/samba/private/dns.keytab | ||
- | |||
- | chgrp bind /var/lib/samba/private/ | ||
</code> | </code> | ||
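Review bot: Removing the SerNet permission steps from directly under the include line means a SerNet reader first meets them only after Bind has failed to start. Suggest keeping a one-sentence pointer here saying that with SerNet packages the bind group needs read access to /var/lib/samba/private/named.conf and dns.keytab before Bind is restarted, and leaving the detailed commands in the later section.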
Line 111: | Line 100: | ||
<code> | <code> | ||
# service bind9 restart | # service bind9 restart | ||
+ | </code> | ||
+ | |||
+ | If after restarting Bind you receive an error regarding file permissions (this error occurs with SerNet packages), for instance: | ||
+ | |||
+ | <code> | ||
+ | โ bind9.service - BIND Domain Name Server | ||
+ | Loaded: loaded (/lib/systemd/system/bind9.service; enabled) | ||
+ | Drop-In: /run/systemd/generator/bind9.service.d | ||
+ | โโ50-insserv.conf-$named.conf | ||
+ | Active: failed (Result: exit-code) since Sun 2015-08-09 12:02:27 CDT; 5s ago | ||
+ | Docs: man:named(8) | ||
+ | Process: 1101 ExecStop=/usr/sbin/rndc stop (code=exited, status=1/FAILURE) | ||
+ | Process: 1097 ExecStart=/usr/sbin/named -f -u bind (code=exited, status=1/FAILURE) | ||
+ | Main PID: 1097 (code=exited, status=1/FAILURE) | ||
+ | |||
+ | Aug 09 12:02:27 dc2 named[1097]: using 1 UDP listener per interface | ||
+ | Aug 09 12:02:27 dc2 named[1097]: using up to 4096 sockets | ||
+ | Aug 09 12:02:27 dc2 named[1097]: loading configuration from '/etc/bind/named.conf' | ||
+ | Aug 09 12:02:27 dc2 named[1097]: /etc/bind/named.conf:12: open: /var/lib/samba/private/named.conf: permission denied | ||
+ | Aug 09 12:02:27 dc2 named[1097]: loading configuration: permission denied | ||
+ | Aug 09 12:02:27 dc2 named[1097]: exiting (due to fatal error) | ||
+ | Aug 09 12:02:27 dc2 systemd[1]: bind9.service: main process exited, code=exited, status=1/FAILURE | ||
+ | Aug 09 12:02:27 dc2 rndc[1101]: rndc: connect failed: 127.0.0.1#953: connection refused | ||
+ | Aug 09 12:02:27 dc2 systemd[1]: bind9.service: control process exited, code=exited status=1 | ||
+ | Aug 09 12:02:27 dc2 systemd[1]: Unit bind9.service entered failed state. | ||
+ | </code> | ||
+ | |||
+ | The above means that bind can't read the above files added, so issue the following: | ||
+ | |||
+ | <code> | ||
+ | # chmod 755 /var/lib/samba/private | ||
+ | </code> | ||
+ | |||
+ | Finally start bind9 servive: | ||
+ | |||
+ | <code> | ||
+ | # systemctl stop bind9 | ||
+ | # systemctl start bind9 | ||
+ | </code> | ||
+ | |||
+ | If the error persists, try with: | ||
+ | |||
+ | <code> | ||
+ | # chgrp bind /var/lib/samba/private/named.conf | ||
+ | # chmod g+r /var/lib/samba/private/named.conf | ||
+ | |||
+ | # chgrp bind /var/lib/samba/private/dns.keytab | ||
+ | # chmod g+r /var/lib/samba/private/dns.keytab | ||
+ | |||
+ | # chgrp bind /var/lib/samba/private/ | ||
</code> | </code> | ||
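Review bot: "chmod 755 /var/lib/samba/private" as the first fix grants read and search on the private directory to every local account, and that directory holds dns.keytab, a file of Kerberos keys that the later commands deliberately restrict to the bind group. The logged failure is only named (started with "-u bind") being denied on /var/lib/samba/private/named.conf, so the group-scoped chgrp / chmod g+r commands now placed under "If the error persists" should be the primary fix and the 755 step dropped. The final "chgrp bind /var/lib/samba/private/" only helps if the directory mode already gives the group search permission, so state the required mode alongside it (for example "chmod g+x"). Also, "servive" should be "service".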