Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
Other modules / Re: DNS - Internal names stops resolving
« on: March 12, 2020, 01:25:28 am »
I realized that my DHCP (on zentyal) was configured to use zentyal as primary DNS and 8.8.8.8 as secondary.
After removing 8.8.8.8 as secondary, things got worse.
Now it's not just internal sites that are not resolving, all sites stops resolving, after a few minutes it works again... and then stops again
After removing 8.8.8.8 as secondary, things got worse.
Now it's not just internal sites that are not resolving, all sites stops resolving, after a few minutes it works again... and then stops again
2
Other modules / Re: DNS - Internal names stops resolving
« on: March 04, 2020, 02:31:26 am »
Sorry for the late reply
Since I initially had this problem, I decided to re-install Zentyal on a new VM (I'm running it in Proxmox). After reinstall I still have the same issue.
I tried some of the commands on the link, but they gave me bad user/password:
I'm not sure if I should replace username in the command with something different, so I tried my own username and with root and got the same result still
There is only one domain controller on the network, the network is divided into multiple subnets. The original Zentyal server had 3 network cards (one for each server). The current install I have not gotten around to configure all 3 nics, only the one I'm using and the other nics are in zentyal, but not any ip assigned to them
In this setup Zentyal is DHCP and DNS server, it's not the gateway for the system
Since I initially had this problem, I decided to re-install Zentyal on a new VM (I'm running it in Proxmox). After reinstall I still have the same issue.
I tried some of the commands on the link, but they gave me bad user/password:
Code: [Select]
samba-tool dns serverinfo localhost -U admindc%admindc
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Using binding ncacn_ip_tcp:127.0.0.1[,sign]
Cannot do GSSAPI to an IP address
Got challenge flags:
Got NTLMSSP neg_flags=0x62898215
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x62088215
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x62088215
Failed to bind to uuid 50abc2a4-574d-40b3-9d66-ee4fd5fba076 for ncacn_ip_tcp:127.0.0.1[49152,sign,abstract_syntax=50abc2a4-574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=127.0.0.1] NT_STATUS_LOGON_FAILURE
ERROR: Connecting to DNS RPC server 127.0.0.1 failed with (-1073741715, 'The attempted logon is invalid. This is either due to a bad username or authentication information.')
File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 44, in dns_connect
dns_conn = dnsserver.dnsserver(binding_str, lp, creds)
I'm not sure if I should replace username in the command with something different, so I tried my own username and with root and got the same result still
There is only one domain controller on the network, the network is divided into multiple subnets. The original Zentyal server had 3 network cards (one for each server). The current install I have not gotten around to configure all 3 nics, only the one I'm using and the other nics are in zentyal, but not any ip assigned to them
In this setup Zentyal is DHCP and DNS server, it's not the gateway for the system
3
Other modules / Re: DNS - Internal names stops resolving
« on: February 09, 2020, 02:12:09 pm »I got into this state just now.
The log doesn't contain anything since yesterday morning (And at that time just information that I logged in to the web interface)
I was in this state at around 7:45am not sure when it started; and got out of it around 7:53(ish)- maybe a minute or so before that (Writing it here to help me if I need to look in log files later)
In samba service I still have:
Feb 09 07:37:09 dc-002 samba[2510]: [2020/02/09 07:37:09.630973, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Feb 09 07:37:09 dc-002 samba[2510]: /usr/sbin/samba_kcc: ldb_wrap open of secrets.ldb
Feb 09 07:42:09 dc-002 samba[2510]: [2020/02/09 07:42:09.723072, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Feb 09 07:42:09 dc-002 samba[2510]: /usr/sbin/samba_kcc: ldb_wrap open of secrets.ldb
Feb 09 07:47:09 dc-002 samba[2510]: [2020/02/09 07:47:09.774040, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Feb 09 07:47:09 dc-002 samba[2510]: /usr/sbin/samba_kcc: ldb_wrap open of secrets.ldb
Feb 09 07:52:09 dc-002 samba[2510]: [2020/02/09 07:52:09.949345, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Feb 09 07:52:09 dc-002 samba[2510]: /usr/sbin/samba_kcc: ldb_wrap open of secrets.ldb
Feb 09 07:57:10 dc-002 samba[2510]: [2020/02/09 07:57:10.002038, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Feb 09 07:57:10 dc-002 samba[2510]: /usr/sbin/samba_kcc: ldb_wrap open of secrets.ldb
I also looked for other log files; didn't see anything of interest, but I'm not sure where to look (I think that Samba-AD-DC is what is handling the DNS? so that is why I looked at samba service) - the samba log file was really big; couldn't tell if it was errors or not- if it would be of help I can paste part of it
Thanks
4
Other modules / Re: DNS - Internal names stops resolving
« on: January 31, 2020, 02:48:30 am »
Ran:
sudo systemctl status samba-ad-dc.service
and noticed:
Jan 30 20:23:32 dc-002 samba[29638]: [2020/01/30 20:23:32.292633, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Jan 30 20:23:32 dc-002 samba[29638]: /usr/sbin/samba_kcc: ldb_wrap open of secrets.ldb
Jan 30 20:28:32 dc-002 samba[29638]: [2020/01/30 20:28:32.415317, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Jan 30 20:28:32 dc-002 samba[29638]: /usr/sbin/samba_kcc: ldb_wrap open of secrets.ldb
Jan 30 20:33:32 dc-002 samba[29638]: [2020/01/30 20:33:32.474230, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Jan 30 20:33:32 dc-002 samba[29638]: /usr/sbin/samba_kcc: ldb_wrap open of secrets.ldb
Jan 30 20:38:32 dc-002 samba[29638]: [2020/01/30 20:38:32.520138, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Jan 30 20:38:32 dc-002 samba[29638]: /usr/sbin/samba_kcc: ldb_wrap open of secrets.ldb
Jan 30 20:43:32 dc-002 samba[29638]: [2020/01/30 20:43:32.626901, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Jan 30 20:43:32 dc-002 samba[29638]: /usr/sbin/samba_kcc: ldb_wrap open of secrets.ldb
Not sure if it's related or not?
sudo systemctl status samba-ad-dc.service
and noticed:
Jan 30 20:23:32 dc-002 samba[29638]: [2020/01/30 20:23:32.292633, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Jan 30 20:23:32 dc-002 samba[29638]: /usr/sbin/samba_kcc: ldb_wrap open of secrets.ldb
Jan 30 20:28:32 dc-002 samba[29638]: [2020/01/30 20:28:32.415317, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Jan 30 20:28:32 dc-002 samba[29638]: /usr/sbin/samba_kcc: ldb_wrap open of secrets.ldb
Jan 30 20:33:32 dc-002 samba[29638]: [2020/01/30 20:33:32.474230, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Jan 30 20:33:32 dc-002 samba[29638]: /usr/sbin/samba_kcc: ldb_wrap open of secrets.ldb
Jan 30 20:38:32 dc-002 samba[29638]: [2020/01/30 20:38:32.520138, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Jan 30 20:38:32 dc-002 samba[29638]: /usr/sbin/samba_kcc: ldb_wrap open of secrets.ldb
Jan 30 20:43:32 dc-002 samba[29638]: [2020/01/30 20:43:32.626901, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Jan 30 20:43:32 dc-002 samba[29638]: /usr/sbin/samba_kcc: ldb_wrap open of secrets.ldb
Not sure if it's related or not?
5
Other modules / DNS - Internal names stops resolving
« on: January 30, 2020, 12:33:02 pm »
I'm using zentyal as my DHCP and DNS server.
from time to time the DNS stops resolving addresses on my internal domain for a while.
So far I have not been able to figure out if there is an event that makes the domain start again, usually I just go to the zentyal webpage by IP and log in and at some point it seems to start working again.
I'm not sure where to start troubleshooting. Any ideas?
from time to time the DNS stops resolving addresses on my internal domain for a while.
So far I have not been able to figure out if there is an event that makes the domain start again, usually I just go to the zentyal webpage by IP and log in and at some point it seems to start working again.
I'm not sure where to start troubleshooting. Any ideas?
6
Other modules / DHCP - All Ranges end up on same domain (expected different domains)
« on: January 14, 2020, 12:42:05 pm »
I have created 2 domains in Zentyal
ws.xxx.lan
dev.xxx.lan
I have 2 nics, one for each domain - each with it's own DHCP server
DHCP for ws.xxx.lan is set to use 192.168.5.2 - 100
DHCP for dev.xxx.lan is set to use 192.168.11.2 - 100
Each DHCP is set for use dynamic DNS and the dynamic DNS is set to use the appropriate domain.
So far I only have one device on the dev domain that is getting it's ip from DHCP
But it seems to be resolving as it's located on the ws domain; not the dev domain (It's getting IP from the dev DHCP at 192168.11.15).
Static IP addresses resolve on the correct domain.
Any suggestions on what I'm doing wrong?
ws.xxx.lan
dev.xxx.lan
I have 2 nics, one for each domain - each with it's own DHCP server
DHCP for ws.xxx.lan is set to use 192.168.5.2 - 100
DHCP for dev.xxx.lan is set to use 192.168.11.2 - 100
Each DHCP is set for use dynamic DNS and the dynamic DNS is set to use the appropriate domain.
So far I only have one device on the dev domain that is getting it's ip from DHCP
But it seems to be resolving as it's located on the ws domain; not the dev domain (It's getting IP from the dev DHCP at 192168.11.15).
Static IP addresses resolve on the correct domain.
Any suggestions on what I'm doing wrong?
Pages: [1]