[Samba] Samba4 in FreeBSD 9 i386 for Domain controller not working. Samba version 4.1.0 pre1-GIT cf15406
Rowland Penny
rpenny at f2s.com
Mon Nov 19 12:15:46 MST 2012
On 19/11/12 18:46, pccom frank wrote:
> Hi,Rowland!
> Thank you for your help.
> Change the dns server to the samba server make things better. But
> still not working.
>
> root at f10:/etc # /usr/local/samba/sbin/samba -i -M single
> samba version 4.1.0pre1-GIT-e6a100e started.
> Copyright Andrew Tridgell and the Samba Team 1992-2012
> samba: using 'single' process model
> /usr/local/samba/sbin/samba_dnsupdate: /usr/bin/nsupdate: cannot
> specify -gor -o, program not linked with GSS API Library
> /usr/local/samba/sbin/samba_dnsupdate: /usr/bin/nsupdate: cannot
> specify -gor -o, program not linked with GSS API Library
> /usr/local/samba/sbin/samba_dnsupdate: /usr/bin/nsupdate: cannot
> specify -gor -o, program not linked with GSS API Library
> ../source4/dsdb/dns/dns_update.c:294: Failed DNS update -
> NT_STATUS_UNSUCCESSFUL
> ^C
> root at f10:/etc # cat /etc/resolv.conf
> domain f10.pcccom.ca
> nameserver 127.0.0.1
>
>
>
> root at f10:/etc # /usr/local/samba/sbin/samba -i -M single
> samba version 4.1.0pre1-GIT-e6a100e started.
> Copyright Andrew Tridgell and the Samba Team 1992-2012
> samba: using 'single' process model
> ../source4/dsdb/dns/dns_update.c:294: Failed DNS update -
> NT_STATUS_IO_TIMEOUT
>
>
> ^C
> root at f10:/etc # cat /etc/resolv.conf
> domain f10.pcccom.ca
> nameserver 192.1681.1.100
> root at f10:/etc # ifconfig
> re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
> options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
> ether 90:e6:ba:88:db:31
> inet 192.168.1.100 netmask 0xffffff00 broadcast 192.168.1.255
> inet6 fe80::92e6:baff:fe88:db31%re0 prefixlen 64 scopeid 0x1
> nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
> media: Ethernet autoselect (100baseTX <full-duplex>)
> status: active
>
>
> > Date: Mon, 19 Nov 2012 16:33:24 +0000
> > From: rpenny at f2s.com
> > To: samba at lists.samba.org
> > Subject: Re: [Samba] Samba4 in FreeBSD 9 i386 for Domain controller
> not working. Samba version 4.1.0 pre1-GIT cf15406
> >
> > On 19/11/12 02:50, Pccom Frank wrote:
> > > Thank you Andrew!
> > > You are right. Let FreeBSD start its own Kerberos does not make
> sense since
> > > Samba4 has its own Kerberos.
> > > I can not get Samba4's Kerberos working.
> > > The following is the message I run Samba4.
> > >
> > > I am using the Samba4's internal DNS.
> > > I copied krb5.conf from /usr/local/samba/private to /etc after I run
> > > samba-tool domain provision.
> > >
> > >
> > >
> > > root at f10:/usr/local/samba/sbin # ./samba -i -M single
> > > samba version 4.1.0pre1-GIT-e6a100e started.
> > > Copyright Andrew Tridgell and the Samba Team 1992-2012
> > > samba: using 'single' process model
> > > /usr/local/samba/sbin/samba_dnsupdate: Traceback (most recent call
> last):
> > > /usr/local/samba/sbin/samba_dnsupdate: File
> > > "/usr/local/samba/sbin/samba_dnsupdate", line 507, in <module>
> > > /usr/local/samba/sbin/samba_dnsupdate: get_credentials(lp)
> > > /usr/local/samba/sbin/samba_dnsupdate: File
> > > "/usr/local/samba/sbin/samba_dnsupdate", line 121, in get_credentials
> > > /usr/local/samba/sbin/samba_dnsupdate: creds.get_named_ccache(lp,
> > > ccachename)
> > > /usr/local/samba/sbin/samba_dnsupdate: RuntimeError: kinit for F10$@
> > > F10.PCCOM.CA failed (Cannot contact any KDC for requested realm)
> > > /usr/local/samba/sbin/samba_dnsupdate:
> > > ../source4/dsdb/dns/dns_update.c:294: Failed DNS update -
> > > NT_STATUS_ACCESS_DENIED
> > >
> > >
> > >
> > > root at f10:/usr/local/samba/sbin # uname -a
> > > FreeBSD f10 10.0-CURRENT FreeBSD 10.0-CURRENT #0: Sat Oct 6
> 04:49:30 UTC
> > > 2012
> root at build-i386-fbsd-2.allbsd.org:/usr/obj/i386.i386/usr/src/sys/GENERIC
> > > i386
> > >
> > >
> > > root at f10:/usr/local/samba/sbin # cat /etc/resolv.conf
> > > domain f10.pcccom.ca
> > > nameserver 192.168.1.1
> > >
> > > root at f10:/usr/local/samba/sbin # nslookup samba.org
> > > Server: 192.168.1.1
> > > Address: 192.168.1.1#53
> > >
> > > Non-authoritative answer:
> > > Name: samba.org
> > > Address: 216.83.154.106
> > >
> > > It looks the DNS server has no problem.
> > >
> > > Please help me out!
> > >
> > > On Sun, Nov 18, 2012 at 6:38 PM, Andrew Bartlett
> <abartlet at samba.org> wrote:
> > >
> > >> On Fri, 2012-11-16 at 16:42 -0500, Pccom Frank wrote:
> > >>> Hi, Samab gurus!
> > >>>
> > >>> I tried to make Samba4 work on FreeBSD 9.1 i386 but failed to
> join an XP
> > >>> computer to the domain.
> > >>>
> > >>> What I did is:
> > >>>
> > >>> 1, git clone git://git.samba.org/samba.git samba-master
> > >>>
> > >>> 2, cd /usr/local/samba-master
> > >>> 3, ./configure --enable-debug --enable-selftest && make && make
> install
> > >>> 4, /usr/local/samba/sbin/samba-tool domain provision
> > >>> --realm=xyz.pccom.ca--domain=dcxyz --adminpass='123456'
> > >>> --server-role=dc
> > >>> 5, cp /usr/local/samba/private/krb.conf /etc
> > >> What suggested that you should do this?
> > >>
> > >>> 6, echo 'kerberos5_server_enable="YES"' >> /etc/rc.conf
> > >>> 7, echo 'kadmind5_server_enable="YES"' >> /etc/rc.conf
> > >> This step is not included in any official Samba HOWTO.
> > >>
> > >>> 8, echo 'domain xyz.pccom.ca' >> /etc/resolv.conf
> > >>> the dns server keep the same as before.
> > >>> 9, /usr/local/samba/bin/samba -i -M single
> > >>>
> > >>> I found
> > >>>
> > >>> "Failed to bind to 192.168.1.248 UDP_NT_ADDRESS_ALREADY_ASSOCIATED"
> > >> Our KDC cannot start because you enabled a different KDC and it is
> > >> listening on port 88 already.
> > >>
> > >> Andrew Bartlett
> > >>
> > >> --
> > >> Andrew Bartlett http://samba.org/~abartlet/
> > >> Authentication Developer, Samba Team http://samba.org
> > >>
> > >>
> > >>
> > Hello, is the ipaddress of the samba 4 server 192.168.1.1 ? because
> > earlier you had a problem connecting to the KDC on 192.168.1.248
> > If 192.168.1.1 is a different machine, then alter the nameserver
> line in
> > /etc/resolv.conf to point to either your samba4 servers ipaddress or
> > 127.0.0.1
> >
> > Rowland
> >
> >
> > --
> > This message has been scanned for viruses and
> > dangerous content by MailScanner, and is
> > believed to be clean.
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/options/samba
>
> --
> This message has been scanned for viruses and
> dangerous content by *MailScanner* <http://www.mailscanner.info/>, and is
> believed to be clean.
That looks like a problem with bind9utils on freebsd not samba4
Rowland
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the samba
mailing list