[Samba] net ads info: failed to get server's current time

Rowland Penny rowlandpenny241155 at gmail.com
Wed Oct 28 10:32:31 UTC 2015


On 28/10/15 10:09, Guy-Laurent Subri wrote:

> My version of Samba is 4.1.17. I don't think this changes anything, but
> I can try to upgrade if needed.

OK, it looks like you are running Debian, either wheezy using backports or 
Jessie. My old DC is running wheezy, and net ads info works on that.

> Here are the files:
>
> /etc/ntp.conf
> -------------
> driftfile /var/lib/ntp/ntp.drift
> ntpsigndsocket /var/lib/samba/ntp_signd
>
> statsdir /var/log/ntpstats/
>
> server 0.ch.pool.ntp.org
> server 1.ch.pool.ntp.org
> server 2.ch.pool.ntp.org
> server 3.ch.pool.ntp.org
>
> restrict -4 default kod notrap nomodify nopeer noquery mssntp
> restrict -6 default kod notrap nomodify nopeer noquery mssntp
>
> restrict 127.0.0.1
> restrict ::1
>
> restrict 0.ch.pool.ntp.org mask 255.255.255 nomodify notrap nopeer noquery
>
> broadcast 192.168.123.255
>

I would suggest that you either remove the last 3 'server' lines or add 
another 3 'restrict' lines to cover them.

> /etc/bind/named.conf
> --------------------
> include "/etc/bind/named.conf.options";
> include "/etc/bind/named.conf.local";
> include "/etc/bind/named.conf.default-zones";
> include "/var/lib/samba/private/named.conf";
>
> /etc/bind/named.conf.options
> ----------------------------
> options {
>    directory "/var/cache/bind";
>
>    forwarders {
>        192.168.1.185;
>    };

What is the forwarder?

>       dnssec-validation auto;
>
>    auth-nxdomain no;
>    allow-query { localhost; any; };
>    listen-on port 53 { 127.0.0.1; 192.168.1.17; };
>    listen-on-v6 { any; };
> };
>
> /etc/bind/named.conf.local
> --------------------------
> is empty
>
> /etc/bind/named.conf.default-zones
> ----------------------------------
> zone "." {
>    type hint;
>    file "/etc/bind/db.root";
> };
>
> zone "localhost" {
>    type master;
>    file "/etc/bind/db.local";
> };
>
> zone "127.in-addr.arpa" {
>    type master;
>    file "/etc/bind/db.127";
> };
>
> zone "0.in-addr.arpa" {
>    type master;
>    file "/etc/bind/db.0";
> };
>
> zone "255.in-addr.arpa" {
>    type master;
>    file "/etc/bind/db.255";
> };
>
> /var/lib/samba/private/named.conf
> ---------------------------------
> zone "trs-ch.com." IN {
>    type master;
>    file "/var/lib/samba/private/dns/trs-ch.com.zone";
>    include "/var/lib/samba/private/named.conf.update";
>    check-names ignore;
> };

This is wrong; /var/lib/samba/private/named.conf should be:

dlz "AD DNS Zone" {
     # For BIND 9.8.0
     #database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9.so";

     # For BIND 9.9.0
     database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_9.so";
};

>
> resolv.conf
> -----------
> search trs-ch.com
> nameserver 192.168.1.17
> nameserver 192.168.1.7
>

What is the second nameserver? If it is a second DC, swap them around; 
otherwise remove it.

> krb5.conf
> ---------
> [libdefaults]
> default_realm = TRS-CH.COM
> dns_lookup_realm = false
> dns_lookup_kdc = true
> [realms]
> TRS-CH.COM = {
>    kdc = 192.168.1.17
>        admin_server = 192.168.1.17
>        default_domain = trs-ch.com
> }
> [TRS-CH.COM]
> .trs-ch.com = TRS-CH.COM
> trs.ch.com = TRS-CH.COM
>

You only need this in /etc/krb5.conf:

[libdefaults]
default_realm = TRS-CH.COM
dns_lookup_realm = false
dns_lookup_kdc = true

Rowland
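
The 'server' versus 'restrict' mismatch pointed out in the reply above can be checked mechanically. This Python sketch is an added example, not part of the original post and not Samba or ntp code; the function names are hypothetical, and the sample holds only the server/restrict lines of the quoted ntp.conf.

```python
# Sample input: the server/restrict lines of the ntp.conf quoted in the thread.
SAMPLE_NTP_CONF = """\
server 0.ch.pool.ntp.org
server 1.ch.pool.ntp.org
server 2.ch.pool.ntp.org
server 3.ch.pool.ntp.org
restrict -4 default kod notrap nomodify nopeer noquery mssntp
restrict -6 default kod notrap nomodify nopeer noquery mssntp
restrict 127.0.0.1
restrict ::1
restrict 0.ch.pool.ntp.org mask 255.255.255 nomodify notrap nopeer noquery
"""


def _address(args):
    """Return the address argument, skipping an optional -4/-6 family flag."""
    for arg in args:
        if arg not in ("-4", "-6"):
            return arg.lower()
    return None


def parse_ntp_conf(text):
    """Return (servers, restricted): server addresses in file order, and the
    set of addresses that have their own (non-default) 'restrict' line."""
    servers, restricted = [], set()
    for raw in text.splitlines():
        tokens = raw.split("#", 1)[0].split()   # drop comments, then tokenize
        if len(tokens) < 2:
            continue
        addr = _address(tokens[1:])
        if tokens[0] == "server" and addr:
            servers.append(addr)
        elif tokens[0] == "restrict" and addr and addr != "default":
            restricted.add(addr)
    return servers, restricted


def uncovered_servers(text):
    """Servers with no 'restrict' line of their own; these fall under the
    'restrict default' entries. Matching is textual, no DNS resolution."""
    servers, restricted = parse_ntp_conf(text)
    return [s for s in servers if s not in restricted]


if __name__ == "__main__":
    for server in uncovered_servers(SAMPLE_NTP_CONF):
        print("no restrict line for server", server)
```

Run against the quoted file, it reports servers 1 to 3, the three lines the reply suggests either removing or covering with their own 'restrict' entries.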




