Ubuntu: Why won't bind9 start with Samba 4 AD DC? [closed]



Question:

I followed this guide to install Samba 4 as an Active Directory Domain Controller and got stuck on starting bind9.

Here are some important configuration files and logs.

tail /var/log/syslog:

    Mar  2 23:02:11 mail named[3552]: listening on IPv4 interface eth0, 31.31.79.102#53
    Mar  2 23:02:11 mail named[3552]: generating session key for dynamic DNS
    Mar  2 23:02:11 mail named[3552]: sizing zone task pool based on 5 zones
    Mar  2 23:02:11 mail named[3552]: Loading 'AD DNS Zone' using driver dlopen
    Mar  2 23:02:11 mail named[3552]: samba_dlz: Failed to connect to /var/lib/samba/private/dns/sam.ldb
    Mar  2 23:02:11 mail named[3552]: dlz_dlopen of 'AD DNS Zone' failed
    Mar  2 23:02:11 mail named[3552]: SDLZ driver failed to load.
    Mar  2 23:02:11 mail named[3552]: DLZ driver failed to load.
    Mar  2 23:02:11 mail named[3552]: loading configuration: failure
    Mar  2 23:02:11 mail named[3552]: exiting (due to fatal error)

ls -l /var/lib/samba/private/dns/:

    total 144
    -rwxrwxrwx 1 root memcache 143360 Mar  2 15:25 sam.ldb
    drwxrwxrwx 2 root memcache   4096 Mar  2 15:25 sam.ldb.d

cat /etc/apparmor.d/usr.sbin.named:

    # vim:syntax=apparmor
    # Last Modified: Fri Jun  1 16:43:22 2007
    #include <tunables/global>

    /usr/sbin/named {
      #include <abstractions/base>
      #include <abstractions/nameservice>

      capability net_bind_service,
      capability setgid,
      capability setuid,
      capability sys_chroot,
      capability sys_resource,

      # /etc/bind should be read-only for bind
      # /var/lib/bind is for dynamically updated zone (and journal) files.
      # /var/cache/bind is for slave/stub data, since we're not the origin of it.
      # See /usr/share/doc/bind9/README.Debian.gz
      /etc/bind/** r,
      /var/lib/bind/** rw,
      /var/lib/bind/ rw,
      /var/cache/bind/** rw,
      /var/cache/bind/ rw,

      # gssapi
      /etc/krb5.keytab kr,
      /etc/bind/krb5.keytab kr,

      # ssl
      /etc/ssl/openssl.cnf r,

      # dnscvsutil package
      /var/lib/dnscvsutil/compiled/** rw,

      /proc/net/if_inet6 r,
      /proc/*/net/if_inet6 r,
      /usr/sbin/named mr,
      /{,var/}run/named/named.pid w,
      /{,var/}run/named/session.key w,
      # support for resolvconf
      /{,var/}run/named/named.options r,

      # some people like to put logs in /var/log/named/ instead of having
      # syslog do the heavy lifting.
      /var/log/named/** rw,
      /var/log/named/ rw,

      # Site-specific additions and overrides. See local/README for details.
      #include <local/usr.sbin.named>

      /var/lib/samba/private/** rkw,
      /var/lib/samba/private/dns/** rkw,
      /usr/lib/x86_64-linux-gnu/samba/bind9/** rm,
      /usr/lib/x86_64-linux-gnu/samba/gensec/** rm,
      /usr/lib/x86_64-linux-gnu/ldb/modules/ldb/** rm,
      /usr/lib/x86_64-linux-gnu/samba/ldb/** rm,
      /usr/lib/x86_64-linux-gnu/plugin/krb5/** rm,
    }

/etc/init.d/apparmor reload:

     * Reloading AppArmor profiles
    Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd
       [ OK ]

service bind9 start:

     * Starting domain name service... bind9   [fail]


Solution:1

These are the directory permissions for sam.ldb:

    chown named:named /usr/local/samba/private/dns
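
Added example, not part of the answer above: a mode-bit audit of the path to sam.ldb as seen by the account that named runs as, which also flags the world-writable mode visible in the question's `ls -l` output. The function names, the constructed directory tree and the owner-only `private` directory are assumptions for illustration; AppArmor rules, ACLs and capabilities are not evaluated.

```python
import os
import stat
import tempfile

def _allowed(st, uid, gids, want):
    """Owner/group/other check on mode bits; the first matching class decides."""
    mode = stat.S_IMODE(st.st_mode)
    if uid == st.st_uid:
        bits = mode >> 6
    elif st.st_gid in gids:
        bits = mode >> 3
    else:
        bits = mode
    return (bits & want) == want

def audit_dlz_path(path, uid, gids, top="/"):
    """Problems the account (uid, gids) hits opening `path` read/write (mode bits only)."""
    findings = []
    path, top = os.path.abspath(path), os.path.abspath(top)
    # Collect the directories between `top` and the file, outermost first.
    dirs, cur = [], os.path.dirname(path)
    while cur.startswith(top):
        dirs.insert(0, cur)
        if cur == top:
            break
        cur = os.path.dirname(cur)
    for d in dirs:
        if not _allowed(os.stat(d), uid, gids, 0o1):  # search (x) bit
            findings.append("no search permission on " + os.path.relpath(d, top))
    st = os.stat(path)
    if not _allowed(st, uid, gids, 0o6):  # read + write
        findings.append("no read/write permission on " + os.path.relpath(path, top))
    if st.st_mode & stat.S_IWOTH:
        findings.append("world-writable: " + os.path.relpath(path, top))
    return findings

def demo():
    """Constructed tree shaped like the listing in the question (not real data)."""
    top = tempfile.mkdtemp()
    dns = os.path.join(top, "private", "dns")
    os.makedirs(dns)
    ldb = os.path.join(dns, "sam.ldb")
    open(ldb, "w").close()
    os.chmod(ldb, 0o777)                           # as in the `ls -l` output
    os.chmod(dns, 0o755)
    os.chmod(os.path.join(top, "private"), 0o700)  # assumed owner-only parent
    os.chmod(top, 0o755)
    # uid/gid + 1 stand in for an account that is neither owner nor group member.
    return audit_dlz_path(ldb, os.getuid() + 1, [os.getgid() + 1], top)
```

On a real host, pass the uid and group ids of the account named runs as and leave `top` at its default; an empty list means the mode bits are not what blocks the DLZ module.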


Solution:2

There was a bad installation. When I reinstalled it, it started correctly.

