[WHATSNEW] Samba AD with MIT Kerberos + Version change

L.P.H. van Belle belle at bazuin.nl
Fri May 5 11:26:46 UTC 2017 

Works here now.  ;-) 

Made these changes 

Did you also modify python/samba/provision/kerberos.py:29:
  if _glue.is_heimdal_built:
to
  if _glue.is_heimdal_built():

Which fixed the creation off the kdc.conf. 



Next : 
Tried a provisioning 2 ways.
samba-tool domain provision --use-rfc2307 --server-role=dc --domain=NTTEST --kdc-config-dir=/etc/krb5kdc --realm=TEST.DOMAIN.TLD

samba-tool domain provision --use-rfc2307 --server-role=dc --domain=NTTEST --kdc-config-dir=/usr/local/samba/etc --realm=TEST.DOMAIN.TLD

Both Smb.conf are kdc.conf correct created. 

Now the first one is what im testing more.. 

I did 2 things. 
1 ) ln -s /usr/local/samba/lib/krb5/plugins/kdb/samba.so /usr/lib/x86_64-linux-gnu/krb5/plugins/kdb/samba.so
2 ) and added these to lines:

 cat /etc/ld.so.conf.d/libc.conf
# libc default configuration
/usr/local/lib
/usr/local/samba/lib			<<<<<<	
/usr/local/samba/lib/service		<<<<<<


And start samba. 
It stops here : 
 samba -i
samba version 4.7.0pre1-GIT-1e7bec4-Debian started.
Copyright Andrew Tridgell and the Samba Team 1992-2017
samba: using 'standard' process model
Attempting to autogenerate TLS self-signed keys for https for hostname 'DEBIAN8.test.domain.tld'
/usr/sbin/krb5kdc: krb5kdc: starting...
TLS self-signed keys generated OK
And the low now shows.

cat /usr/local/samba/var/mit_kdc.log
krb5kdc: Unable to load requested database module 'samba': plugin symbol 'kdb_function_table' not found - while initializing database for realm TEST.DOMAIN.TLD
krb5kdc: Unable to load requested database module 'samba': plugin symbol 'kdb_function_table' not found - while initializing database for realm TEST.DOMAIN.TLD

^^^^^ previous tests ... 

May 05 13:15:09 debian8 krb5kdc[3137](info): setting up network...
krb5kdc: setsockopt(18,IPV6_V6ONLY,1) worked
krb5kdc: setsockopt(20,IPV6_V6ONLY,1) worked
May 05 13:15:09 debian8 krb5kdc[3137](info): set up 4 sockets
May 05 13:15:09 debian8 krb5kdc[3137](info): commencing operation
(CTRL -C here ) 
May 05 13:17:00 debian8 krb5kdc[3137](info): closing down fd 20
May 05 13:17:00 debian8 krb5kdc[3137](info): closing down fd 19
May 05 13:17:00 debian8 krb5kdc[3137](info): closing down fd 18
May 05 13:17:00 debian8 krb5kdc[3137](info): closing down fd 17
May 05 13:17:00 debian8 krb5kdc[3137](info): shutting down

wbinfo -u
NTTEST\administrator
NTTEST\guest
NTTEST\krbtgt


And now Samba work now for me.


Greetz, 

Louis



> -----Oorspronkelijk bericht-----
> Van: samba-technical 
> [mailto:samba-technical-bounces at lists.samba.org] Namens 
> Rowland Penny via samba-technical
> Verzonden: vrijdag 5 mei 2017 12:53
> Aan: samba-technical at lists.samba.org
> Onderwerp: Re: [WHATSNEW] Samba AD with MIT Kerberos + Version change
> 
> On Fri, 05 May 2017 12:27:07 +0200
> Daniele Dario <d.dario76 at gmail.com> wrote:
> 
> > What happens if you change
> >   if _glue.is_heimdal_built:
> > to
> >   if _glue.is_heimdal_built():
> > 
> > If is_heimdal_built is a method and not a variable this 
> makes a lot of 
> > difference.
> 
> Yes that worked to get 'kdc.conf' created, but I still get:
> 
> krb5kdc: Unable to load requested database module 'samba': 
> plugin symbol 'kdb_function_table' not found - while 
> initializing database for realm TESTING.TLD
> 
> in /usr/local/samba/var/mit_kdc.log 
> 
> Rowland
> 
>

More information about the samba-technical mailing list