Project

General

Profile

Tâche #29958

Scénario #17656: Seth : Envisager l'ajouter les zones de recherche inverse dans le DNS (PTR).

Vérifier l'enregistrement dynamique des postes Windows dans l'AD

Added by Gilles Grandgérard over 1 year ago. Updated over 1 year ago.

Status:
Fermé
Priority:
Normal
Assigned To:
-
Start date:
10/17/2016
Due date:
% Done:

0%

Remaining (hours):
0.0

Description

Déamrrer :
- aca.dc1
- vérifier les zones DNS inversées (activer_ad_zones + ad_zones + ad_zones_defaut )
- samba-tool dns zonelist -U admin
- démarrer un pc + joindre
- attendre un peu
- dans le log samba ==> voir les opérations d'enregistrments

Associated revisions

Revision 9e7cd852 (diff)
Added by gilles.grandgerard over 1 year ago

Host ne semble pas fonctionner correctement, j'utilise 'samba-tool dns
query'

REF #29958

History

#1 Updated by Fabrice Barconnière over 1 year ago

  • Status changed from Nouveau to En cours

#2 Updated by Fabrice Barconnière over 1 year ago

  • Description updated (diff)
  • Assigned To set to Fabrice Barconnière

#3 Updated by Fabrice Barconnière over 1 year ago

  • Description updated (diff)

#4 Updated by Fabrice Barconnière over 1 year ago

  • Description updated (diff)

#5 Updated by Fabrice Barconnière over 1 year ago

  • Description updated (diff)

Les zones sont bien présentes mais la résolution inverse DNS des postes ne semble pas fonctionner :

root@dc1:~# samba-tool dns zonelist 192.168.0.5 -U admin
Password for [DOMSETH\admin]:
  5 zone(s) found

  pszZoneName                 : domseth.ac-test.fr
  Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE 
  ZoneType                    : DNS_ZONE_TYPE_PRIMARY
  Version                     : 50
  dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED 
  pszDpFqdn                   : DomainDnsZones.domseth.ac-test.fr

  pszZoneName                 : 1.1.10.in-addr.arpa
  Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE 
  ZoneType                    : DNS_ZONE_TYPE_PRIMARY
  Version                     : 50
  dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED 
  pszDpFqdn                   : DomainDnsZones.domseth.ac-test.fr

  pszZoneName                 : 2.1.10.in-addr.arpa
  Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE 
  ZoneType                    : DNS_ZONE_TYPE_PRIMARY
  Version                     : 50
  dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED 
  pszDpFqdn                   : DomainDnsZones.domseth.ac-test.fr

  pszZoneName                 : 0.168.192.in-addr.arpa
  Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE 
  ZoneType                    : DNS_ZONE_TYPE_PRIMARY
  Version                     : 50
  dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED 
  pszDpFqdn                   : DomainDnsZones.domseth.ac-test.fr

  pszZoneName                 : _msdcs.domseth.ac-test.fr
  Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE 
  ZoneType                    : DNS_ZONE_TYPE_PRIMARY
  Version                     : 50
  dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED 
  pszDpFqdn                   : ForestDnsZones.domseth.ac-test.fr

root@dc1:~# CreoleGet activer_ad_zones
oui
root@dc1:~# CreoleGet ad_zones
1.1.10
2.1.10
root@dc1:~# CreoleGet ad_zones_defaut
oui
root@dc1:~# nslookup dc1
Server:         127.0.0.1
Address:        127.0.0.1#53

Name:   dc1.domseth.ac-test.fr
Address: 192.168.0.5
root@dc1:~# nslookup pc7-1
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
Name:   pc7-1
Address: 192.168.0.203
root@dc1:~# nslookup pc10-1
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
Name:   pc10-1
Address: 192.168.0.204
root@dc1:~# nslookup 192.168.0.203
** server can't find 203.0.168.192.in-addr.arpa: NXDOMAIN

#6 Updated by Gilles Grandgérard over 1 year ago

effectivement:

05-May-2020 16:24:40.316 samba_dlz: starting transaction on zone domseth.ac-test.fr
05-May-2020 16:24:40.320 client @0x7efd0811d870 192.168.0.206#50703: update 'domseth.ac-test.fr/IN' denied
05-May-2020 16:24:40.320 samba_dlz: cancelling transaction on zone domseth.ac-test.fr
05-May-2020 16:24:51.135 samba_dlz: starting transaction on zone domseth.ac-test.fr
05-May-2020 16:24:51.136 client @0x7efd0810f0e0 192.168.0.205#60765: update 'domseth.ac-test.fr/IN' denied
05-May-2020 16:24:51.136 samba_dlz: cancelling transaction on zone domseth.ac-test.fr

#7 Updated by Gilles Grandgérard over 1 year ago

mais maintenant c'est mieux ...
même si les messages sont bizarres (denied)

05-May-2020 17:26:06.503 client @0x7f673c012e60 192.168.0.206#61605: update 'domseth.ac-test.fr/IN' denied
05-May-2020 17:26:06.503 samba_dlz: cancelling transaction on zone domseth.ac-test.fr
05-May-2020 17:26:06.664 samba_dlz: starting transaction on zone domseth.ac-test.fr
05-May-2020 17:26:06.670 samba_dlz: allowing update of signer=PC-353347\$\@DOMSETH.AC-TEST.FR name=PC-353347.domseth.ac-test.fr tcpaddr=192.168.0.206 type=AAAA key=1116-ms-7.1-377f17.bc87ef8d-8ee4-11ea-c289-0200c0a8006c/160/0
05-May-2020 17:26:06.672 samba_dlz: allowing update of signer=PC-353347\$\@DOMSETH.AC-TEST.FR name=PC-353347.domseth.ac-test.fr tcpaddr=192.168.0.206 type=A key=1116-ms-7.1-377f17.bc87ef8d-8ee4-11ea-c289-0200c0a8006c/160/0
05-May-2020 17:26:06.673 samba_dlz: allowing update of signer=PC-353347\$\@DOMSETH.AC-TEST.FR name=PC-353347.domseth.ac-test.fr tcpaddr=192.168.0.206 type=A key=1116-ms-7.1-377f17.bc87ef8d-8ee4-11ea-c289-0200c0a8006c/160/0
05-May-2020 17:26:06.673 client @0x7f673c012e60 192.168.0.206#60765/key PC-353347\$\@DOMSETH.AC-TEST.FR: updating zone 'domseth.ac-test.fr/NONE': deleting rrset at 'PC-353347.domseth.ac-test.fr' AAAA
05-May-2020 17:26:06.675 client @0x7f673c012e60 192.168.0.206#60765/key PC-353347\$\@DOMSETH.AC-TEST.FR: updating zone 'domseth.ac-test.fr/NONE': deleting rrset at 'PC-353347.domseth.ac-test.fr' A
05-May-2020 17:26:06.678 client @0x7f673c012e60 192.168.0.206#60765/key PC-353347\$\@DOMSETH.AC-TEST.FR: updating zone 'domseth.ac-test.fr/NONE': adding an RR at 'PC-353347.domseth.ac-test.fr' A 192.168.0.206
05-May-2020 17:26:06.683 samba_dlz: added rdataset PC-353347.domseth.ac-test.fr 'PC-353347.domseth.ac-test.fr.    1200    IN    A    192.168.0.206'
05-May-2020 17:26:06.687 samba_dlz: subtracted rdataset domseth.ac-test.fr 'domseth.ac-test.fr.    3600    IN    SOA    dc1.domseth.ac-test.fr. hostmaster.domseth.ac-test.fr. 20 900 600 86400 3600'
05-May-2020 17:26:06.688 samba_dlz: added rdataset domseth.ac-test.fr 'domseth.ac-test.fr.    3600    IN    SOA    dc1.domseth.ac-test.fr. hostmaster.domseth.ac-test.fr. 21 900 600 86400 3600'
05-May-2020 17:26:06.704 samba_dlz: committed transaction on zone domseth.ac-test.fr
05-May-2020 17:26:06.722 samba_dlz: starting transaction on zone 0.168.192.in-addr.arpa
05-May-2020 17:26:06.726 client @0x7f673c012e60 192.168.0.206#60164: update '0.168.192.in-addr.arpa/IN' denied
05-May-2020 17:26:06.726 samba_dlz: cancelling transaction on zone 0.168.192.in-addr.arpa
05-May-2020 17:26:06.729 samba_dlz: starting transaction on zone 0.168.192.in-addr.arpa
05-May-2020 17:26:06.734 samba_dlz: allowing update of signer=PC-353347\$\@DOMSETH.AC-TEST.FR name=206.0.168.192.in-addr.arpa tcpaddr=192.168.0.206 type=PTR key=1116-ms-7.1-377f17.bc87ef8d-8ee4-11ea-c289-0200c0a8006c/160/0
05-May-2020 17:26:06.736 samba_dlz: allowing update of signer=PC-353347\$\@DOMSETH.AC-TEST.FR name=206.0.168.192.in-addr.arpa tcpaddr=192.168.0.206 type=PTR key=1116-ms-7.1-377f17.bc87ef8d-8ee4-11ea-c289-0200c0a8006c/160/0
05-May-2020 17:26:06.736 client @0x7f676011d870 192.168.0.206#58708/key PC-353347\$\@DOMSETH.AC-TEST.FR: updating zone '0.168.192.in-addr.arpa/NONE': deleting rrset at '206.0.168.192.in-addr.arpa' PTR
05-May-2020 17:26:06.740 client @0x7f676011d870 192.168.0.206#58708/key PC-353347\$\@DOMSETH.AC-TEST.FR: updating zone '0.168.192.in-addr.arpa/NONE': adding an RR at '206.0.168.192.in-addr.arpa' PTR PC-353347.domseth.ac-test.fr.
05-May-2020 17:26:06.744 samba_dlz: added rdataset 206.0.168.192.in-addr.arpa '206.0.168.192.in-addr.arpa.    1200    IN    PTR    PC-353347.domseth.ac-test.fr.'
05-May-2020 17:26:06.747 samba_dlz: subtracted rdataset 0.168.192.in-addr.arpa '0.168.192.in-addr.arpa.    3600    IN    SOA    dc1.domseth.ac-test.fr. hostmaster.domseth.ac-test.fr. 2 900 600 86400 3600'
05-May-2020 17:26:06.748 samba_dlz: added rdataset 0.168.192.in-addr.arpa '0.168.192.in-addr.arpa.    3600    IN    SOA    dc1.domseth.ac-test.fr. hostmaster.domseth.ac-test.fr. 3 900 600 86400 3600'
05-May-2020 17:26:06.779 samba_dlz: committed transaction on zone 0.168.192.in-addr.arpa

root@dc1:/etc/bind# host -t PTR 192.168.0.206
206.0.168.192.in-addr.arpa domain name pointer PC-353347.domseth.ac-test.fr.

#8 Updated by Fabrice Barconnière over 1 year ago

  • Status changed from En cours to Nouveau

#9 Updated by Fabrice Barconnière over 1 year ago

  • Assigned To deleted (Fabrice Barconnière)

#10 Updated by Gilles Grandgérard over 1 year ago

  • Status changed from Nouveau to Fermé
  • Remaining (hours) set to 0.0

Also available in: Atom PDF