samba4 from BDC to PDC

Amitay Isaacs amitay at gmail.com
Thu Dec 29 05:22:37 MST 2011


Hi Daniele,

On Thu, Dec 29, 2011 at 10:18 PM, Daniele Dario <d.dario76 at gmail.com> wrote:

> I finished to prepare the VM and joined samba4 to the domain.
> As in the past, after the domain join no dns.keytab will be present in
> the private directory.
>
> As said by Gemes Geza, I exported the keytab using
> [root at kdc01:/usr/local/samba/private]# samba-tool domain exportkeytab
> dns.keytab
> [root at kdc01:/usr/local/samba/private]# samba-tool user add dns-kdc02
> --random-password
> [root at kdc01:/usr/local/samba/private]# samba-tool spn add
> DNS/kdc02.saitelitalia.local dns-kdc02
>
> At this point, if I start named
> [root at kdc01:~]# named -u bind -d 10 -g -c /etc/bind/named.conf
> it fails
> ...
> 29-Dec-2011 11:54:43.328 generating session key for dynamic DNS
> 29-Dec-2011 11:54:43.328 sizing zone task pool based on 5 zones
> 29-Dec-2011 11:54:43.329 decrement_reference: delete from rbt:
> 0xb6d2d548 .
> 29-Dec-2011 11:54:43.330 Loading 'AD DNS Zone' using driver dlopen
> 29-Dec-2011 11:54:43.330 Loading SDLZ driver.
> 29-Dec-2011 11:54:43.515 samba_dlz: Unable to get basedn
> for /usr/local/samba/private/dns/sam.ldb - NULL Base DN invalid for a
> base search
> 29-Dec-2011 11:54:43.515 dlz_dlopen of 'AD DNS Zone' failed
> 29-Dec-2011 11:54:43.515 SDLZ driver failed to load.
> 29-Dec-2011 11:54:43.515 DLZ driver failed to load.
> 29-Dec-2011 11:54:43.516 load_configuration: failure
> 29-Dec-2011 11:54:43.516 loading configuration: failure
> 29-Dec-2011 11:54:43.516 exiting (due to fatal error)
> ...
>
> What am I missing?
> If bind does not start I won't be able to see the AD DNS from windows (I
> use XP to doublecheck what I'm doing) so I can't check if I can add the
> reversed zone.

It appears that dlz_bind9 is unable to access the DNS partitions. May be there
is something wrong with the copy of samdb in private/dns directory.
private/dns/sam.ldb should be a copy of private/sam.ldb. Can you confirm that?
Does private/dns/sam.ldb.d have all files similar to private/sam.ldb.d?

Amitay.


More information about the samba-technical mailing list