Replication woes with s4 domain adding Win 2008 R2 DC
Greg Dickie
greg at justaguy.ca
Wed May 9 12:19:04 MDT 2012
[libdefaults]
default_realm = EXAMPLE.LOCAL
dns_lookup_realm = false
dns_lookup_kdc = true
As I said kinit on the command line works. Does samba
use /etc/krb5.conf? I did not restart samba after copying it from
private. Just restarted it and it's now working!
Thanks and sorry for the confusion!
Greg
On Wed, 2012-05-09 at 09:06 -0700, Matthieu Patou wrote:
> On 05/09/2012 08:10 AM, Greg Dickie wrote:
> > Cool, that patch solves the first issue. Now I have the same problem I
> > had with DLZ.
> >
> > Now I get this:
> >
> > [2012/05/09 11:05:44,
> > 4] ../source4/dsdb/repl/drepl_notify.c:244(dreplsrv_notify_run_ops)
> > started DsReplicaSync for
> > CN=Schema,CN=Configuration,DC=example,DC=local to
> > 673a7013-32f0-4df4-a2fb-ed84c3e4072d._msdcs.example.local
> > [2012/05/09 11:05:44,
> > 4] ../auth/credentials/credentials_krb5.c:495(cli_credentials_get_client_gss_creds)
> > Failed to get kerberos credentials: kinit for HAMBA4$@EXAMPLE.LOCAL
> > failed (Cannot contact any KDC for requested realm)
> >
> > Which also seems to be a DNS issue but samba_{dns,spn}update both work
> > fine and so does "kinit administrator" and it "looks" like all the
> > appropriate entries are in DNS.
> Can you paste your /etc/krb5.conf ?
>
> Looks like maybe the _kerberos records are missing.
>
> Matthieu.
>
--
Greg Dickie
just a guy
514-983-5400
More information about the samba-technical
mailing list