[Samba] TSIG failure
Dave Hawkes
daveh at cadlink.com
Tue Jul 19 13:52:50 UTC 2016
I'm attempting to join samba 4 (using latest 4.4 built from source) as
DC to an existing Win 2k8 server domain. The join works fine with no
errors and appears to be replicating fine. However the DNS is not
updated and I get the following error multiple times when running
samba_dnsupdate --all-names:
TSIG error with server: tsig verify failure
I've checked the time and all servers are synchronised, however if I
capture the temporary ticket that is produced for nsupdate the Service
principal is not the name of the samba 4 server but the name of one of
the Win 2k8 servers.
When I check this on a test domain of purely samba 4 servers the Service
Principal is always the name of the server updating itself.
I've tried both BIND_DLZ and INTERNAL DNS and they both give the same error.
Does anyone have any ideas what is going on?
Thanks,
Dave Hawkes
More information about the samba
mailing list