Zentyal Server => Directory and Authentication => Topic started by: killmasta93 on December 22, 2020, 07:47:46 pm
-
Hi, I'm currently running Zentyal 6.2. What I noticed is that I cannot seem to resolve by IP (reverse lookup), but by name it works.
I currently have the "Dynamic DNS Options" box ticked, but I'm not sure what I missed?
C:\Users\administrador.xx>nslookup
Servidor predeterminado: apolo.xx.local
Address: 192.168.100.200
> pc-23
Servidor: apolo.xxx.local
Address: 192.168.100.200
Nombre: pc-23.xx.local
Address: 192.168.100.59
> 192.168.100.59
Servidor: apolo.xx.local
Address: 192.168.100.200
*** apolo.xx.local no encuentra 192.168.100.59: Non-existent domain
I just checked the logs and found this:
Dec 22 13:51:34 apolo dhcpd[17404]: execute: /usr/share/zentyal-dhcp/dhcp-dyndns.sh exit status 32512
And what's even odder is that when I check the DHCP service it shows as running, but the web GUI shows it as stopped:
root@apolo:~# service isc-dhcp-server status
● isc-dhcp-server.service - ISC DHCP IPv4 server
Loaded: loaded (/lib/systemd/system/isc-dhcp-server.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2020-12-22 13:50:16 -05; 3min 26s ago
Docs: man:dhcpd(8)
Main PID: 17404 (dhcpd)
Tasks: 1 (limit: 4620)
CGroup: /system.slice/isc-dhcp-server.service
└─17404 dhcpd -user dhcpd -group dhcpd -f -4 -pf /run/dhcp-server/dhcpd.pid -cf /etc/dhcp/dhcpd.conf
Dec 22 13:53:30 apolo dhcpd[17404]: DHCPACK on 192.168.100.48 to f8:1f:32:c6:19:b4 via eth0
Dec 22 13:53:30 apolo dhcpd[17404]: Commit: IP: 192.168.100.49 DHCID: c0:cb:38:15:96:79 Name: PC-07
Dec 22 13:53:30 apolo dhcpd[17404]: execute_statement argv[0] = /usr/share/zentyal-dhcp/dhcp-dyndns.sh
Dec 22 13:53:30 apolo dhcpd[17404]: execute_statement argv[1] = add
Dec 22 13:53:30 apolo dhcpd[17404]: execute_statement argv[2] = 192.168.100.49
Dec 22 13:53:30 apolo dhcpd[17404]: execute_statement argv[3] = c0:cb:38:15:96:79
Dec 22 13:53:30 apolo dhcpd[17404]: execute_statement argv[4] = PC-07
Dec 22 13:53:30 apolo dhcpd[17404]: execute: /usr/share/zentyal-dhcp/dhcp-dyndns.sh exit status 32512
Dec 22 13:53:30 apolo dhcpd[17404]: DHCPREQUEST for 192.168.100.49 from c0:cb:38:15:96:79 (PC-07) via eth0
Dec 22 13:53:30 apolo dhcpd[17404]: DHCPACK on 192.168.100.49 to c0:cb:38:15:96:79 (PC-07) via eth0
https://imgur.com/QtTnZuL.png
-
Bump — anyone?
What's odd is that if I add the record manually I can resolve by IP, but by name it says it won't resolve; I then tried the server's name with the domain and it shows the IP. So I thought it was the installation, so I did another installation from scratch, and I get the same issue.
-
Post your bind9, isc-dhcp and samba config files.
-
thanks for the reply,
root@apolo:~# cat /etc/dhcp/dhcpd.conf
# DHCP server is authoritative for all networks
authoritative;
# extra options
# RFC3442 routes
option rfc3442-classless-static-routes code 121 = array of inxxxer 8;
# MS routes
option ms-classless-static-routes code 249 = array of inxxxer 8;
# Cisco IP phones
option voip-tftp-servers code 150 = array of ip-address;
option shoretel-director-server code 155 = ip-address;
pid-file-name "/var/run/dhcp-server/dhcpd.pid";
ddns-update-style none;
ddns-updates on;
update-static-leases on;
option domain-name-servers 127.0.0.1;
allow booting;
allow bootp;
default-lease-time 1800;
max-lease-time 7200;
include "/etc/dhcp/ddns-keys/keys";
shared-network eth0 {
subnet 192.168.100.0 netmask 255.255.255.0 {
option routers 192.168.100.1;
option domain-name "xxx.local";
option domain-name-servers 192.168.100.200;
option ntp-servers 192.168.100.200;
option netbios-name-servers 192.168.100.200;
option netbios-node-type 8;
default-lease-time 1800;
max-lease-time 7200;
option host-name = config-option server.ddns-hostname;
ddns-hostname = pick-first-value( option fqdn.hostname,
option host-name,
concat("dhcp-", binary-to-ascii(10, 8, "-", leased-address)));
ddns-domainname "xxx.local.";
zone xxx.local. {
primary 127.0.0.1;
key xxx.local;
}
zone 100.168.192.in-addr.arpa. {
primary 127.0.0.1;
key xxx.local;
}
pool {
next-server 192.168.100.200;
range 192.168.100.10 192.168.100.100;
}
}
on commit {
set noname = concat("dhcp-", binary-to-ascii(10, 8, "-", leased-address));
set ClientIP = binary-to-ascii(10, 8, ".", leased-address);
set ClientDHCID = concat (
suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,1,1))),2), ":",
suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,2,1))),2), ":",
suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,3,1))),2), ":",
suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,4,1))),2), ":",
suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,5,1))),2), ":",
suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,6,1))),2)
);
set ClientName = pick-first-value(option host-name, config-option-host-name, client-name, noname);
log(concat("Commit: IP: ", ClientIP, " DHCID: ", ClientDHCID, " Name: ", ClientName));
execute("/usr/share/zentyal-dhcp/dhcp-dyndns.sh", "add", ClientIP, ClientDHCID, ClientName);
}
on release {
set ClientIP = binary-to-ascii(10, 8, ".", leased-address);
set ClientDHCID = concat (
suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,1,1))),2), ":",
suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,2,1))),2), ":",
suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,3,1))),2), ":",
suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,4,1))),2), ":",
suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,5,1))),2), ":",
suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,6,1))),2)
);
log(concat("Release: IP: ", ClientIP));
execute("/usr/share/zentyal-dhcp/dhcp-dyndns.sh", "delete", ClientIP, ClientDHCID);
}
on expiry {
set ClientIP = binary-to-ascii(10, 8, ".", leased-address);
# cannot get a ClientMac here, apparently this only works when actually receiving a packet
log(concat("Expired: IP: ", ClientIP));
# cannot get a ClientName here, for some reason that always fails
execute("/usr/share/zentyal-dhcp/dhcp-dyndns.sh", "delete", ClientIP, "", "0");
}
group {
option routers 192.168.100.1;
option domain-name "xxx.local";
option domain-name-servers 192.168.100.200;
option ntp-servers 192.168.100.200;
option netbios-name-servers 192.168.100.200;
option netbios-node-type 8;
default-lease-time 1800;
max-lease-time 7200;
option host-name = config-option server.ddns-hostname;
ddns-hostname = pick-first-value ( host-decl-name,
option fqdn.hostname,
concat("static-", binary-to-ascii(10, 8, "-", leased-address)));
ddns-domainname "xxx.local.";
zone xxx.local. {
primary 127.0.0.1;
key xxx.local;
}
zone 100.168.192.in-addr.arpa. {
primary 127.0.0.1;
key xxx.local;
}
}
}
# Add option 150 (0x96) and 155 (0x9b)
if exists dhcp-parameter-request-list {
option dhcp-parameter-request-list=concat(option dhcp-parameter-request-list,96,9b);
}
root@apolo:~# cat /etc/samba/smb.conf
[global]
workgroup = xxx
realm = XXX.LOCAL
netbios name = apolo
server string = Zentyal Server
server role = dc
server role check:inhibit = yes
server services = -dns
server signing = auto
dsdb:schema update allowed = yes
ldap server require strong auth = no
drs:max object sync = 1200
idmap_ldb:use rfc2307 = yes
winbind enum users = yes
winbind enum groups = yes
template shell = /bin/bash
template homedir = /home/%U
rpc server dynamic port range = 49152-65535
interfaces = lo,eth0
bind interfaces only = yes
map to guest = Bad User
log level = 3
log file = /var/log/samba/samba.log
max log size = 100000
include = /etc/samba/shares.conf
[netlogon]
path = /var/lib/samba/sysvol/xx.local/scripts
browseable = no
read only = yes
[sysvol]
path = /var/lib/samba/sysvol
read only = no
root@apolo:~# cat /etc/bind/named.conf.local
// Generated by Zentyal
acl "trusted" {
localhost;
localnets;
};
acl "internal-local-nets" {
192.168.100.0/24;
};
dlz "AD DNS Zone" {
database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_11.so";
};
zone "100.168.192.in-addr.arpa" {
type master;
file "/var/lib/bind/db.100.168.192";
update-policy {
// The only allowed dynamic updates are PTR records
grant xxx.local. subdomain 100.168.192.in-addr.arpa. PTR TXT;
// Grant from localhost
grant local-ddns zonesub any;
};
};
zone "10.in-addr.arpa" {
type master;
file "/etc/bind/db.empty";
};
zone "16.172.in-addr.arpa" {
type master;
file "/etc/bind/db.empty";
};
zone "17.172.in-addr.arpa" {
type master;
file "/etc/bind/db.empty";
};
zone "18.172.in-addr.arpa" {
type master;
file "/etc/bind/db.empty";
};
zone "19.172.in-addr.arpa" {
type master;
file "/etc/bind/db.empty";
};
zone "20.172.in-addr.arpa" {
type master;
file "/etc/bind/db.empty";
};
zone "21.172.in-addr.arpa" {
type master;
file "/etc/bind/db.empty";
};
zone "22.172.in-addr.arpa" {
type master;
file "/etc/bind/db.empty";
};
zone "23.172.in-addr.arpa" {
type master;
file "/etc/bind/db.empty";
};
zone "24.172.in-addr.arpa" {
type master;
file "/etc/bind/db.empty";
};
zone "25.172.in-addr.arpa" {
type master;
file "/etc/bind/db.empty";
};
zone "26.172.in-addr.arpa" {
type master;
file "/etc/bind/db.empty";
};
zone "27.172.in-addr.arpa" {
type master;
file "/etc/bind/db.empty";
};
zone "28.172.in-addr.arpa" {
type master;
file "/etc/bind/db.empty";
};
zone "29.172.in-addr.arpa" {
type master;
file "/etc/bind/db.empty";
};
zone "30.172.in-addr.arpa" {
type master;
file "/etc/bind/db.empty";
};
zone "31.172.in-addr.arpa" {
type master;
file "/etc/bind/db.empty";
};
zone "168.192.in-addr.arpa" {
type master;
file "/etc/bind/db.empty";
};
-
I think the issue is this part:
Dec 25 22:19:48 apolo dhcpd[1853]: execute: /usr/share/zentyal-dhcp/dhcp-dyndns.sh exit status 32512
but the DHCP config looks correct (32512 is the raw wait status dhcpd reports; 32512 / 256 = 127, the "command not found / cannot execute" code, so the script itself was apparently never run):
on release {
set ClientIP = binary-to-ascii(10, 8, ".", leased-address);
set ClientDHCID = concat (
suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,1,1))),2), ":",
suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,2,1))),2), ":",
suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,3,1))),2), ":",
suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,4,1))),2), ":",
suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,5,1))),2), ":",
suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,6,1))),2)
);
log(concat("Release: IP: ", ClientIP));
execute("/usr/share/zentyal-dhcp/dhcp-dyndns.sh", "delete", ClientIP, ClientDHCID);
}
and I think the file permissions are correct:
root@apolo:~# ls -l -h /usr/share/zentyal-dhcp/dhcp-dyndns.sh
-rwxr-xr-x 1 root root 4.4K Oct 5 05:05 /usr/share/zentyal-dhcp/dhcp-dyndns.sh
-
Solved it: it was AppArmor (the dhcpd profile was blocking the script).
Do the following and it should work. Note that this disables the whole dhcpd AppArmor profile; a narrower fix is to allow /usr/share/zentyal-dhcp/dhcp-dyndns.sh in the profile (e.g. via its local override under /etc/apparmor.d/local/) and reload it.
# Mark the dhcpd AppArmor profile as disabled so it is not loaded again at boot.
ln -s /etc/apparmor.d/usr.sbin.dhcpd /etc/apparmor.d/disable/
# Unload (-R) the currently loaded profile from the kernel so the change takes effect now.
apparmor_parser -R /etc/apparmor.d/usr.sbin.dhcpd
Then reconnect your devices and you should see the logs correctly.