answers: 1 / hits: 8689 / Wed, June 23, 2021, 7:07:48

I followed this guide to install Samba 4 as an Active Directory Domain Controller and got stuck on starting bind9.



Here are some important configuration files and logs.



tail /var/log/syslog:



Mar  2 23:02:11 mail named[3552]: listening on IPv4 interface eth0, 31.31.79.102#53
Mar 2 23:02:11 mail named[3552]: generating session key for dynamic DNS
Mar 2 23:02:11 mail named[3552]: sizing zone task pool based on 5 zones
Mar 2 23:02:11 mail named[3552]: Loading 'AD DNS Zone' using driver dlopen
Mar 2 23:02:11 mail named[3552]: samba_dlz: Failed to connect to /var/lib/samba/private/dns/sam.ldb
Mar 2 23:02:11 mail named[3552]: dlz_dlopen of 'AD DNS Zone' failed
Mar 2 23:02:11 mail named[3552]: SDLZ driver failed to load.
Mar 2 23:02:11 mail named[3552]: DLZ driver failed to load.
Mar 2 23:02:11 mail named[3552]: loading configuration: failure
Mar 2 23:02:11 mail named[3552]: exiting (due to fatal error)


ls -l /var/lib/samba/private/dns/:



total 144
-rwxrwxrwx 1 root memcache 143360 Mar 2 15:25 sam.ldb
drwxrwxrwx 2 root memcache 4096 Mar 2 15:25 sam.ldb.d


cat /etc/apparmor.d/usr.sbin.named:



# vim:syntax=apparmor
# Last Modified: Fri Jun 1 16:43:22 2007
#include <tunables/global>

/usr/sbin/named {
#include <abstractions/base>
#include <abstractions/nameservice>

capability net_bind_service,
capability setgid,
capability setuid,
capability sys_chroot,
capability sys_resource,

# /etc/bind should be read-only for bind
# /var/lib/bind is for dynamically updated zone (and journal) files.
# /var/cache/bind is for slave/stub data, since we're not the origin of it.
# See /usr/share/doc/bind9/README.Debian.gz
/etc/bind/** r,
/var/lib/bind/** rw,
/var/lib/bind/ rw,
/var/cache/bind/** rw,
/var/cache/bind/ rw,

# gssapi
/etc/krb5.keytab kr,
/etc/bind/krb5.keytab kr,

# ssl
/etc/ssl/openssl.cnf r,

# dnscvsutil package
/var/lib/dnscvsutil/compiled/** rw,

/proc/net/if_inet6 r,
/proc/*/net/if_inet6 r,
/usr/sbin/named mr,
/{,var/}run/named/named.pid w,
/{,var/}run/named/session.key w,
# support for resolvconf
/{,var/}run/named/named.options r,

# some people like to put logs in /var/log/named/ instead of having
# syslog do the heavy lifting.
/var/log/named/** rw,
/var/log/named/ rw,

# Site-specific additions and overrides. See local/README for details.
#include <local/usr.sbin.named>

/var/lib/samba/private/** rkw,
/var/lib/samba/private/dns/** rkw,
/usr/lib/x86_64-linux-gnu/samba/bind9/** rm,
/usr/lib/x86_64-linux-gnu/samba/gensec/** rm,
/usr/lib/x86_64-linux-gnu/ldb/modules/ldb/** rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/** rm,
/usr/lib/x86_64-linux-gnu/plugin/krb5/** rm,
}


/etc/init.d/apparmor reload:



 * Reloading AppArmor profiles
Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd
[ OK ]


service bind9 start:



 * Starting domain name service... bind9
[fail]


 Answers

There was a bad installation.
When I reinstalled that, it started correctly.


[#32396] Friday, June 25, 2021
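An added example, not part of the original question or answer: a small check of whether the file rules in the posted AppArmor profile cover the path that samba_dlz fails on in the syslog. The function names are hypothetical and the glob matcher is a simplification of AppArmor's syntax (only `*`, `**`, `?` and `{a,b}`); it inspects the profile text only, not what the kernel has loaded.

```python
import re

# Subset of the file rules copied from the profile posted in the question.
PROFILE_RULES = """
/etc/bind/** r,
/var/lib/bind/** rw,
/{,var/}run/named/session.key w,
/var/lib/samba/private/** rkw,
/var/lib/samba/private/dns/** rkw,
/usr/lib/x86_64-linux-gnu/samba/bind9/** rm,
"""

# AppArmor glob tokens and their regex equivalents (simplified; a "," is
# assumed to appear only inside {a,b} alternations).
TOKENS = {"**": ".*", "*": "[^/]*", "?": "[^/]", "{": "(?:", "}": ")", ",": "|"}

def glob_to_regex(glob):
    """Translate an AppArmor path glob into an anchored regular expression."""
    pattern = re.sub(r"\*\*|[*?{},]|.",
                     lambda m: TOKENS.get(m.group(), re.escape(m.group())),
                     glob)
    return re.compile(pattern + r"\Z")

def parse_rules(text):
    """Yield (glob, perms) per file rule; skips comments, includes, capabilities."""
    for line in text.splitlines():
        parts = line.strip().rstrip(",").rsplit(None, 1)
        if (len(parts) == 2 and parts[0].startswith("/")
                and re.fullmatch(r"[rwaklmx]+", parts[1])):
            yield parts[0], parts[1]

def allowed_perms(text, path):
    """Union of the permission letters granted to path by every matching rule."""
    return {ch for glob, perms in parse_rules(text)
            if glob_to_regex(glob).match(path) for ch in perms}

def missing_perms(text, path, needed="rwk"):
    """Permission letters from needed that no rule grants for path."""
    return sorted(set(needed) - allowed_perms(text, path))

if __name__ == "__main__":
    target = "/var/lib/samba/private/dns/sam.ldb"  # path from the syslog error
    print(target, "missing:", missing_perms(PROFILE_RULES, target) or "none")
```

For the path in the log, the posted rules already grant read, write and lock, so the profile text alone does not account for the "Failed to connect" message.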
peafowkes

Total Points: 356
Total Questions: 102
Total Answers: 117

Location: Lebanon
Member since Tue, Oct 12, 2021
3 Years ago
peafowkes questions
;