Author Topic: DNS restart failure  (Read 2629 times)

davesivill

  • Zen Apprentice
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
DNS restart failure
« on: March 21, 2017, 08:01:36 pm »
I've recently set up a server running Zentyal 5.0.7 and everything seemed to be running smoothly. However in the last week or so, DNS has seemed to stop working correctly and trying to restart the DNS module leads to a failure.

From looking through the logs it seems to be failing due to "nsupdate".

I'm unsure as to how to go about fixing this issue and after a fair few hours of trying i've decided to turn to the forums for help, so if anyone has a solution to this it would be greatly appreciated.

Laurent Dinclaux

  • Zen Monk
  • **
  • Posts: 83
  • Karma: +5/-0
    • View Profile
    • Gecka
Re: DNS restart failure
« Reply #1 on: June 07, 2017, 02:22:08 am »
Bump, same issue here,the command nsupdate -g -t 10 /var/lib/zentyal/tmp/JGD4n4PucA returns update failed: REFUSED
Laurent

Laurent Dinclaux

  • Zen Monk
  • **
  • Posts: 83
  • Karma: +5/-0
    • View Profile
    • Gecka
Re: DNS restart failure
« Reply #2 on: March 13, 2018, 05:29:38 am »
Adding the dns-$host user to the DnsAdmin group solved it. See in the bug tracker.
Laurent

jrodeiro

  • Zen Apprentice
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: DNS restart failure
« Reply #3 on: July 03, 2018, 03:10:32 pm »
Adding the dns-$host user to the DnsAdmin group solved it. See in the bug tracker.
Can You explain me please? Link is down.

Thanks.

JLLEWELYN

  • Zen Monk
  • **
  • Posts: 65
  • Karma: +5/-0
    • View Profile
Re: DNS restart failure
« Reply #4 on: July 16, 2018, 06:54:22 pm »
I have the same problem.

https://forum.zentyal.org/index.php/topic,32300.0.html

From what I understand it must be like this:
Code: [Select]
sudo samba-tool group list
ldb_wrap open of secrets.ldb
Allowed RODC Password Replication Group
Enterprise Read-Only Domain Controllers
Denied RODC Password Replication Group
Pre-Windows 2000 Compatible Access
Windows Authorization Access Group
Certificate Service DCOM Access
Network Configuration Operators
Terminal Server License Servers
Incoming Forest Trust Builders
Read-Only Domain Controllers
Group Policy Creator Owners
Performance Monitor Users
Cryptographic Operators
Distributed COM Users
Performance Log Users
Remote Desktop Users
Account Operators
Event Log Readers
RAS and IAS Servers
Backup Operators
Domain Controllers
Server Operators
Enterprise Admins
Print Operators
Administrators
Domain Computers
Cert Publishers
DnsUpdateProxy
Domain Admins
Domain Guests
Schema Admins
Domain Users
Replicator
IIS_IUSRS
Vendedores
DnsAdmins     <------
Gerentes
Guests
Cybers
Users
IT

Code: [Select]
sudo samba-tool user list
ldb_wrap open of secrets.ldb
john
anyerli
taquilla-01
taquilla-02
Administrator
dns-servidor  <----
gerente
kerio
krbtgt
Guest
01
02
03
04
05
06
07
08
09
10
11
12

Code: [Select]
sudo samba-tool group addmembers DnsAdmins dns-servidor

Code: [Select]
sudo samba-tool group listmembers DnsAdmins
ldb_wrap open of secrets.ldb
dns-servidor   <-------

I'm not sure.
« Last Edit: July 16, 2018, 07:29:59 pm by JLLEWELYN »

JLLEWELYN

  • Zen Monk
  • **
  • Posts: 65
  • Karma: +5/-0
    • View Profile
Re: DNS restart failure
« Reply #5 on: July 17, 2018, 12:10:05 am »
apply the command:
Code: [Select]
sudo samba-tool group addmembers DnsAdmins dns-servidor
sudo reboot

Now I have a new error ...
Code: [Select]
Command output: .
Exit value: 2
2018/07/16 18:06:04 ERROR> Service.pm:967 EBox::Module::Service::restartService - root command nsupdate -g -t 10 /var/lib/zentyal/tmp/4lAlq8VQIe failed.
2018/07/16 18:06:04 ERROR> RestartService.pm:61 EBox::SysInfo::CGI::RestartService::_process - Restart of DNS from dashboard failed: root command nsupdate -g -t 10 /var/lib/zentyal/tmp/4lAlq8VQIe failed.
Error output: ; TSIG error with server: tsig indicates error
 update failed: NOTAUTH(BADKEY)

Command output: .
Exit value: 2