[Samba] Ubuntu client ddns failure
L.P.H. van Belle
belle at bazuin.nl
Tue May 20 08:25:25 MDT 2014
so what is you dhcp server sending as default.
Is there also domain/dns/search part in the main config and not only in the subnet part?
>-----Oorspronkelijk bericht-----
>Van: steve at steve-ss.com [mailto:samba-bounces at lists.samba.org]
>Namens steve
>Verzonden: dinsdag 20 mei 2014 16:26
>Aan: samba at lists.samba.org
>Onderwerp: Re: [Samba] Ubuntu client ddns failure
>
>On 20/05/14 16:10, Rowland Penny wrote:
>> On 20/05/14 14:52, L.P.H. van Belle wrote:
>>> not like this.
>>>> 127.0.0.1 localhost
>>>> 127.0.1.1 lubuntu-laptop.hh3.site lubuntu-laptop
>>> This is simply wrong, and cause by dhcp client at install.
>>
>> This is working for me on my laptop!
>>
>>>
>>> better...
>>> 127.0.0.1 localhost
>>> 192.168.1.22 lubuntu-laptop.hh3.site lubuntu-laptop
>>> for dedicated IP.
>>
>> Doing this is amounts to setting a fixed ip and what would
>happen if you
>> went somewhere else and got a different ipaddress via dhcp ??
>
>Exactly. We tried it anyway. Same problem. We have a tgt, but we're
>asking for DNS/a.root-servers.net at HH3.SITE instead of our own domain:
>DNS/hh3.site at HH3.SITE
>
>How do we get it to ask for the spn on our own domain? As do our
>openSUSE boxes.
>
>Strange.
>
>>
>> Rowland
>>
>>> Do you use resolvconf ( the packages, default is its used ) if so
>>> configure it.
>>> or configure /etc/network/interfaces and add the dns-nameserver
>>> dns-search dns-domain.
>>> when dns- is used resolvconf adds the info in /etc/resolv.conf
>>>
>>>
>>> Louis
>>>
>>>
>>>
>>>
>>>
>>>> -----Oorspronkelijk bericht-----
>>>> Van: rowlandpenny at googlemail.com
>>>> [mailto:samba-bounces at lists.samba.org] Namens Rowland Penny
>>>> Verzonden: dinsdag 20 mei 2014 15:36
>>>> Aan: samba at lists.samba.org
>>>> Onderwerp: Re: [Samba] Ubuntu client ddns failure
>>>>
>>>> On 20/05/14 14:12, steve wrote:
>>>>> Hi
>>>>> I'm trying to get an Ubuntu 14.04 client to update its rr to
>>>> a working
>>>>> bind dns DC with Samba 4.1.7. The setup is the same as with our
>>>>> openSUSE clients with sssd 1.11.15
>>>>> sssd.conf
>>>>> id_provider = ad
>>>>> auth_provider = ad
>>>>> access_provider = ad
>>>>> ldap_id_mapping = False
>>>>>
>>>>> /etc/hosts
>>>>> 127.0.0.1 lubuntu-laptop.hh3.site lubuntu-laptop
>>>>> 127.0.1.1 localhost
>>>>>
>>>> Don't know if this is your problem, but you have got
>/etc/hosts wrong,
>>>> shouldn't it be:
>>>>
>>>> 127.0.0.1 localhost
>>>> 127.0.1.1 lubuntu-laptop.hh3.site lubuntu-laptop
>>>>
>>>> Rowland
>>>>
>>>>> But it is sending a request for the wrong zone:
>>>>>
>>>>> Kerberos: ENC-TS Pre-authentication succeeded --
>>>>> LUBUNTU-LAPTOP$@HH3.SITE using arcfour-hmac-md5
>>>>> Kerberos: AS-REQ authtime: 2014-05-20T14:01:35 starttime: unset
>>>>> endtime: 2014-05-21T00:01:35 renew till: 2014-05-21T14:01:35
>>>>> Kerberos: Client supported enctypes: aes256-cts-hmac-sha1-96,
>>>>> aes128-cts-hmac-sha1-96, arcfour-hmac-md5, des3-cbc-sha1, 25, 26,
>>>>> using arcfour-hmac-md5/arcfour-hmac-md5
>>>>> Kerberos: Requested flags: renewable-ok
>>>>> Kerberos: TGS-REQ LUBUNTU-LAPTOP$@HH3.SITE from
>>>>> ipv4:192.168.1.22:40240 for ldap/hh16.hh3.site at HH3.SITE
>>>> [canonicalize,
>>>>> renewable]
>>>>> Kerberos: TGS-REQ authtime: 2014-05-20T14:01:35 starttime:
>>>>> 2014-05-20T14:01:35 endtime: 2014-05-21T00:01:35 renew till:
>>>>> 2014-05-21T14:01:35
>>>>> Terminating connection - 'kdc_tcp_call_loop:
>>>>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
>>>>> single_terminate: reason[kdc_tcp_call_loop:
>>>>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
>>>>> Kerberos: TGS-REQ LUBUNTU-LAPTOP$@HH3.SITE from
>>>>> ipv4:192.168.1.22:40241 for DNS/a.root-servers.net at HH3.SITE
>>>>> [canonicalize, renewable]
>>>>> Kerberos: Searching referral for a.root-servers.net
>>>>> Kerberos: Returning a referral to realm ROOT-SERVERS.NET
>for server
>>>>> DNS/a.root-servers.net at HH3.SITE that was not found
>>>>> Failed find a single entry for
>>>>>
>>>> (&(objectClass=trustedDomain)(|(flatname=ROOT-SERVERS.NET)(trus
>>>> tPartner=ROOT-SERVERS.NET))):
>>>>> got 0
>>>>> Kerberos: samba_kdc_fetch: could not find principal in DB
>>>>> Kerberos: Server not found in database:
>>>>> krbtgt/ROOT-SERVERS.NET at HH3.SITE: no such entry found in hdb
>>>>> Kerberos: Failed building TGS-REP to ipv4:192.168.1.22:40241
>>>>> Terminating connection - 'kdc_tcp_call_loop:
>>>>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
>>>>> single_terminate: reason[kdc_tcp_call_loop:
>>>>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
>>>>> Kerberos: TGS-REQ LUBUNTU-LAPTOP$@HH3.SITE from
>>>>> ipv4:192.168.1.22:40242 for DNS/a.root-servers.net at HH3.SITE
>>>> [renewable]
>>>>> Kerberos: Server not found in database:
>>>>> DNS/a.root-servers.net at HH3.SITE: no such entry found in hdb
>>>>> Kerberos: Failed building TGS-REP to ipv4:192.168.1.22:40242
>>>>> Terminating connection - 'kdc_tcp_call_loop:
>>>>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
>>>>> single_terminate: reason[kdc_tcp_call_loop:
>>>>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
>>>>> Kerberos: TGS-REQ LUBUNTU-LAPTOP$@HH3.SITE from
>>>>> ipv4:192.168.1.22:40243 for DNS/a.root-servers.net at HH3.SITE
>>>>> [canonicalize, renewable]
>>>>> Kerberos: Searching referral for a.root-servers.net
>>>>> Kerberos: Returning a referral to realm ROOT-SERVERS.NET
>for server
>>>>> DNS/a.root-servers.net at HH3.SITE that was not found
>>>>> Failed find a single entry for
>>>>>
>>>> (&(objectClass=trustedDomain)(|(flatname=ROOT-SERVERS.NET)(trus
>>>> tPartner=ROOT-SERVERS.NET))):
>>>>> got 0
>>>>> Kerberos: samba_kdc_fetch: could not find principal in DB
>>>>> Kerberos: Server not found in database:
>>>>> krbtgt/ROOT-SERVERS.NET at HH3.SITE: no such entry found in hdb
>>>>> Kerberos: Failed building TGS-REP to ipv4:192.168.1.22:40243
>>>>> Terminating connection - 'kdc_tcp_call_loop:
>>>>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
>>>>> single_terminate: reason[kdc_tcp_call_loop:
>>>>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
>>>>> Kerberos: TGS-REQ LUBUNTU-LAPTOP$@HH3.SITE from
>>>>> ipv4:192.168.1.22:40244 for DNS/a.root-servers.net at HH3.SITE
>>>> [renewable]
>>>>> Kerberos: Server not found in database:
>>>>> DNS/a.root-servers.net at HH3.SITE: no such entry found in hdb
>>>>> Kerberos: Failed building TGS-REP to ipv4:192.168.1.22:40244
>>>>>
>>>>> The worrying thing is that we can still get tickets even
>>>> though it has
>>>>> the wrong A record in DNS.
>>>>> What is this, 'a.root-servers.net' business? Why not our domain?
>>>>> What have we overlooked?
>>>>> Thanks,
>>>>> Steve
>>>>>
>>>> --
>>>> To unsubscribe from this list go to the following URL and read the
>>>> instructions: https://lists.samba.org/mailman/options/samba
>>>>
>>>>
>>
>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list