On 09/05/13 18:36, steve wrote:
On 09/05/13 18:28, Jakub Hrozek wrote:
On Thu, May 09, 2013 at 03:28:25PM +0200, steve wrote:
On 09/05/13 15:03, steve wrote:
On 09/05/13 13:32, Jakub Hrozek wrote:
On Thu, May 09, 2013 at 01:00:02PM +0200, steve wrote:
Hi sssd seems to be sending the wrong request to the DNS server:
(Thu May 9 12:57:04 2013) [sssd[be[default]]] [ad_dyndns_nsupdate_done] (0x0040): DNS update finished (Thu May 9 12:57:06 2013) [sssd[be[default]]] [resolv_gethostbyname_done] (0x0040): querying hosts database failed [5]: Error de entrada/salida (Thu May 9 12:57:06 2013) [sssd[be[default]]] [nsupdate_get_addrs_done] (0x0040): Could not resolve address for this machine, error [5]: Error de entrada/salida, resolver returned: [11]: Could not contact DNS servers
The logs are telling you that the SSSD cannot resolve the machine's host name. Can you try overriding it with "ad_hostname" or adding the hostname to /ec/hosts ?
Hi I added: ad_hostname = pinoso.hh3.site to sssd.conf. It was already in /etc/hosts
Now the request is sent and we can see it on the Samba4 DC:
Tkey handshake completed Got a dns update request. update count is 1 Looking at record: discard_const(update): struct dns_res_rec name : 'pinoso.hh3.site' rr_type : DNS_QTYPE_A (0x1) rr_class : DNS_QCLASS_IN (0x1) ttl : 0x00000e10 (3600) length : 0x0004 (4) rdata : union dns_rdata(case 0x1) ipv4_record : 192.168.1.100 unexpected : DATA_BLOB length=0 Terminating connection - 'dns_tcp_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED' single_terminate: reason[dns_tcp_call_loop: tstream_read_pdu_blob_recv()
- NT_STATUS_CONNECTION_DISCONNECTED]
Terminating connection - 'dns_tcp_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED' (Thu May 9 14:55:21 2013) [sssd[be[default]]]
But the IP is not updated. We changed it from 192.168.1.100 to 192.168.1.101. It does update if we reboot the machine
[sdap_dyndns_update_done] (0x0080): nsupdate failed, retrying with server name ; TSIG error with server: tsig verify failure ; TSIG error with server: tsig verify failure ; TSIG error with server: tsig verify failure update failed: SERVFAIL (Thu May 9 14:55:21 2013) [sssd[be[default]]] [child_sig_handler] (0x0020): child [1809] failed with status [2]. (Thu May 9 14:55:21 2013) [sssd[be[default]]] [nsupdate_child_handler] (0x0040): Dynamic DNS child failed with status [512] (Thu May 9 14:55:21 2013) [sssd[be[default]]] [be_nsupdate_done] (0x0040): nsupdate child execution failed [1432158226]: Dynamic DNS update failed (Thu May 9 14:55:21 2013) [sssd[be[default]]] [ad_dyndns_sdap_update_done] (0x0040): Dynamic DNS update failed [1432158226]: Dynamic DNS update failed (Thu May 9 14:55:21 2013) [sssd[be[default]]] [ad_dyndns_nsupdate_done] (0x0040): Updating DNS entry failed [1432158226]: Dynamic DNS update failed (Thu May 9 14:55:36 2013) [sssd[be[default]]] [ad_dyndns_nsupdate_done] (0x0040): DNS update finished (Thu May 9 14:55:52 2013) [sssd[be[default]]] [ad_dyndns_nsupdate_done] (0x0040): DNS update finished (Thu May 9 14:56:08 2013) [sssd[be[default]]] [ad_dyndns_nsupdate_done] (0x0040): DNS update finished
It is sending the old IP. 101 is the old IP. We changed it to 100, restarted the network, removed the cache and restarted sssd:
If you restarted the SSSD, then it *should* pick up the new address.
There are two ways a client can learn what IP address to use for dynamic DNS update: 1) retrieve the address automatically from the socket that is used to connect to the LDAP server. This is the default. 2) You can set the dyndns_iface option to name of an interface and then all addresses from that interface will be used during the update. I presume you are using 1), then without SSSD restart the old address might still be read from the socket I guess, but since you say you restarted the sssd, then I would expect it to pick up a new address.
Does this client use DHCP or only static addresses? Any chance the DHCP server might clobber the new address you set?
Hi This works: Start sssd set the IP login and out as ad user change the IP login again sssd consults the server and the IP is updated. Perfect!
Works with both static and dhcp IP changes.
Sorry. Only works with static IP changes. What would we do to get it working for dhcp too?