Hi All,
this problem still exists in "Domain Controller and File Sharing " version 5.0.4:
The whole DNS update process fails, because it wants to delete and recreate all the items, but "dns-..." user has no rights for it:
"... disallowing update of signer=dns-zentyal\@SILICON.HU name=www.silicon.hu type=CNAME error=insufficient access rights"
As I could see nsupdate refuses changes on items created BEFORE the Zentyal 5 upgrade.
My terminology:
old host/alias was created BEFORE upgrade to Zentyal 5,
new host/alias was created AFTER the upgrade.
During the execution of a /var/lib/zentyal/tmp/... file at nsupdate prompt line by line I could notice the following:
creating
new host (A) is OK
adding
new alias (CNAME) to
new host is OK
adding
new alias (CNAME) to
old host is OK
deleting
old alias FAILS
deleting
old host FAILS
Here is the test:
root@zentyal:/home/zadmin# nsupdate -g
> update add itsanewhost.silicon.hu 259200 A 10.9.20.3
> send
> add itsanewalias.silicon.hu 259200 CNAME itsanewhost.silicon.hu
> send
> add itsanewalias2.silicon.hu 259200 CNAME web.silicon.hu
> send
> update delete
www.silicon.hu CNAME
> send
update failed: REFUSED
>
How can I fix it?
Thanks,
Peter