[Samba] Ubuntu DC dns update failure

Davor Vusir davortvusir at gmail.com
Thu Jun 5 23:31:31 MDT 2014 

On 2014-06-05 23:06, steve wrote:
> On Thu, 2014-06-05 at 22:03 +0200, Davor Vusir wrote:
>> In my working ubuntu 14.04 and Samba 4.1.8 the configurations that
>> differ are:
>>
>> /etc/hosts
>> 127.0.0.1 palmera.altea.site palmera localhost localhost.localdomain
>> 192.168.1.132 palmera.altea.site palmera
>>
>> and that the [realm] part in /etc/krb5.conf is missing.
>>
>> Regards
>> Davor
> Unfortunately, no change. Still the dnsupdate fails.
> Steve
Sorry to hear that. Our setups looks identical but I've got no more help 
to give.

About the first error. I too have it in the log. It seems that as of 
13.10 Ubuntu updated the library libbsd-dev: 
https://launchpad.net/ubuntu/+source/libbsd/0.6.0-1. From my shallow 
knowledge about Linux and Samba I would say that Samba 4.1.8 does not 
respect the changes.

/Davor

>>
>> Den 5 jun 2014 20:38 skrev "steve" <steve at steve-ss.com>:
>>          Hi
>>          Lubuntu 14.04 with bind9 and the samba 4.1.8 tarball
>>          All seems well. However, 2 errors:
>>          
>>          1. upon starting samba:
>>          samba: setproctitle not initialized, please either call
>>          setproctitle_init() or link against libbsd-ctor.
>>          
>>          2. samba_dnsupdate
>>          - error from samba:
>>          ../source4/dsdb/dns/dns_update.c:294: Failed DNS update -
>>          NT_STATUS_IO_TIMEOUT
>>          
>>          - error whilst running samba_dnsupdate:
>>          Looking for DNS entry SRV
>>          _gc._tcp.default-first-site-name._sites.altea.site
>>          palmera.altea.site
>>          3268 as _gc._tcp.default-first-site-name._sites.altea.site.
>>          Checking 0 100 3268 palmera.altea.site. against SRV
>>          _gc._tcp.default-first-site-name._sites.altea.site
>>          palmera.altea.site
>>          3268
>>          Traceback (most recent call last):
>>            File "/usr/local/samba/sbin/samba_dnsupdate", line 510, in
>>          <module>
>>              get_credentials(lp)
>>            File "/usr/local/samba/sbin/samba_dnsupdate", line 123, in
>>          get_credentials
>>              raise e
>>          RuntimeError: kinit for PALMERA$@ALTEA.SITE failed (Cannot
>>          contact any
>>          KDC for requested realm)
>>          
>>          /etc/hosts
>>          127.0.0.1 localhost
>>          192.168.1.132 palmera.altea.site palmera
>>          
>>          /etc/resolv.conf
>>          nameserver 192.168.1.132
>>          search altea.site
>>          
>>          /etc/hostname
>>          palmera.altea.site
>>          
>>           /etc/krb5.conf
>>          [libdefaults]
>>                  default_realm = ALTEA.SITE
>>                  dns_lookup_realm = false
>>                  dns_lookup_kdc = true
>>          [realms]
>>            ALTEA.SITE = {
>>            kdc = palmera.altea.site:88
>>           }
>>          
>>          apparmor is not running
>>          
>>          
>>          hostname -d -s and -d all return correctly
>>          bind 9 loads the samba_dlz partitions OK
>>          all the dns checks in the howto pass OK
>>          
>>          It seems that it's failing getting a ticket using the machine
>>          key,
>>          however we can kinit using secrets.keytab fine.
>>          
>>          Here is private:
>>          drwxrwx--- 3 bind bind    4096 jun  5 18:41 dns
>>          -rw-r----- 1 bind bind     742 jun  5 18:41 dns.keytab
>>          -rw-r--r-- 1 root root    2270 jun  5 18:41 dns_update_list
>>          -rw------- 1 root root 1286144 jun  5 18:40 hklm.ldb
>>          -rw------- 1 root root 1609728 jun  5 19:25 idmap.ldb
>>          -rw-r--r-- 1 root root      91 jun  5 18:41 krb5.conf
>>          srwxrwxrwx 1 root root       0 jun  5 20:33 ldapi
>>          drwxr-x--- 2 root root    4096 jun  5 20:33 ldap_priv
>>          -rw-r--r-- 1 root bind     555 jun  5 19:22 named.conf
>>          -rw-r--r-- 1 root root     555 jun  5 19:21 named.conf~
>>          -r--r--r-- 1 root root     220 jun  5 18:52 named.conf.update
>>          -rw-r--r-- 1 root root    2212 jun  5 18:41 named.txt
>>          -rw------- 1 root root 1286144 jun  5 18:40 privilege.ldb
>>          -rw------- 1 root root     696 jun  5 18:52 randseed.tdb
>>          -rw------- 1 root root 4251648 jun  5 18:41 sam.ldb
>>          drwxr-x--- 2 root bind    4096 jun  5 18:41 sam.ldb.d
>>          -rw------- 1 root root     696 jun  5 20:32 schannel_store.tdb
>>          -rw------- 1 root bind    1082 jun  5 18:41 secrets.keytab
>>          -rw------- 1 root root 1286144 jun  5 18:41 secrets.ldb
>>          -rw------- 1 root root  430080 jun  5 20:33 secrets.tdb
>>          -rw------- 1 root root 1286144 jun  5 18:40 share.ldb
>>          drwxr-xr-x 3 root root    4096 jun  5 18:52 smbd.tmp
>>          -rw-r--r-- 1 root root     955 jun  5 18:41 spn_update_list
>>          drwx------ 2 root root    4096 jun  5 18:52 tls
>>          
>>          Any ideas anyone?
>>          Cheers,
>>          Steve
>>          
>>          
>>          --
>>          To unsubscribe from this list go to the following URL and read
>>          the
>>          instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list