[Samba] [samba] DNS update failed!
k.maksimov
k.maksimov at butb.by
Wed Jul 28 08:10:29 MDT 2010
Alexander R. Fahrutdinov wrote:
> В сообщении от 28 июля 2010 10:15:25 автор k.maksimov написал:
>
>> Anton wrote:
>>
>>> On 28 July 2010 01:45, k.maksimov <k.maksimov at butb.by> wrote:
>>>
>>>> I have two networks: 192.168.1.0 with netmask 255.255.255.0 and
>>>> 172.16.0.0 with netmask 255.255.254.0, when I join in domain in first
>>>> network hostname registered successfully, but in second network:
>>>>
>>>> sudo net ads join -U admin
>>>> Enter admin's password:
>>>> Using short domain name -- BUTB
>>>> Joined 'TH-2-011' to realm 'butb.by'
>>>> DNS update failed!
>>>>
>>> As far as I can tell (I'm not entirely certain though) this is an
>>> Active Directory / Windows Server configuration issue around loosening
>>> permissions enough for the DHCP service to update the DNS records.
>>>
>>> I don't know exactly what settings need to be configured though, as I
>>> didn't manage to get it working either. In the end I decided to keep
>>> the standard security and just use static IPs and DNS records for
>>> winbind machines.
>>>
>> I'm use static IP and I haven't DHCP. and this problem not an AD:
>> Windows machines successfully update DNS.
>>
>> also I have ~200 machines and I can't add every DNS record manually.
>>
> Please show output for command "net ads dns register -P -d 4". PC must be
> already added to domain
>
sudo net ads dns register -P -d 4
[2010/07/28 14:21:32, 3] param/loadparm.c:9039(lp_load_ex)
lp_load_ex: refreshing parameters
[2010/07/28 14:21:32, 3] param/loadparm.c:4848(init_globals)
Initialising global parameters
[2010/07/28 14:21:32, 2] param/loadparm.c:4707(max_open_files)
rlimit_max: rlimit_max (1024) below minimum Windows limit (16384)
[2010/07/28 14:21:32, 3] ../lib/util/params.c:550(pm_process)
params.c:pm_process() - Processing configuration file
"/etc/samba/smb.conf"
[2010/07/28 14:21:32, 3] param/loadparm.c:7726(do_section)
Processing section "[global]"
doing parameter workgroup = BUTB
doing parameter netbios name = %h
[2010/07/28 14:21:32, 4] param/loadparm.c:7088(handle_netbios_name)
handle_netbios_name: set global_myname to: TH-3-059
doing parameter dos charset = cp866
doing parameter unix charset = UTF8
doing parameter server string = %h server (Samba, Linux)
doing parameter dns proxy = no
doing parameter name resolve order = lmhosts wins bcast host
doing parameter log file = /var/log/samba/log.%m
doing parameter max log size = 1000
doing parameter syslog = 0
doing parameter panic action = /usr/share/samba/panic-action %d
doing parameter security = ADS
doing parameter encrypt passwords = true
doing parameter passdb backend = tdbsam
doing parameter obey pam restrictions = yes
doing parameter unix password sync = yes
doing parameter password server = ad, ad2
doing parameter passwd program = /usr/bin/passwd %u
doing parameter passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
doing parameter pam password change = yes
doing parameter map to guest = bad user
doing parameter idmap uid = 10000-20000
doing parameter idmap gid = 10000-20000
doing parameter winbind uid = 10000-20000
doing parameter winbind gid = 10000-20000
doing parameter template shell = /bin/bash
doing parameter template homedir = /home/%U
doing parameter winbind separator = /
doing parameter winbind offline logon = true
doing parameter winbind cache time = 86400
doing parameter passdb backend = tdbsam
doing parameter realm = butb.by
doing parameter winbind use default domain = yes
doing parameter usershare allow guests = yes
[2010/07/28 14:21:32, 4] param/loadparm.c:9074(lp_load_ex)
pm_process() returned Yes
[2010/07/28 14:21:32, 2] lib/interface.c:340(add_interface)
added interface eth0 ip=fe80::201:2eff:fe2b:3ff6%eth0
bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
[2010/07/28 14:21:32, 2] lib/interface.c:340(add_interface)
added interface eth0 ip=172.16.0.101 bcast=172.16.1.255
netmask=255.255.254.0
[2010/07/28 14:21:32, 4] libsmb/namequery_dc.c:73(ads_dc_name)
ads_dc_name: domain=BUTB
[2010/07/28 14:21:32, 3] libsmb/namequery.c:1972(get_dc_list)
get_dc_list: preferred server list: "ad.butb.by, ad, ad2"
[2010/07/28 14:21:32, 4] libsmb/namequery.c:2105(get_dc_list)
get_dc_list: returning 2 ip addresses in an ordered list
[2010/07/28 14:21:32, 4] libsmb/namequery.c:2106(get_dc_list)
get_dc_list: 192.168.1.2:389 192.168.1.5:389
[2010/07/28 14:21:32, 3] libads/ldap.c:621(ads_connect)
Successfully contacted LDAP server 192.168.1.2
[2010/07/28 14:21:32, 3] libsmb/namequery.c:1972(get_dc_list)
get_dc_list: preferred server list: "ad.butb.by, ad, ad2"
[2010/07/28 14:21:32, 4] libsmb/namequery.c:2105(get_dc_list)
get_dc_list: returning 2 ip addresses in an ordered list
[2010/07/28 14:21:32, 4] libsmb/namequery.c:2106(get_dc_list)
get_dc_list: 192.168.1.2:389 192.168.1.5:389
[2010/07/28 14:21:32, 3] libsmb/namequery.c:1972(get_dc_list)
get_dc_list: preferred server list: "ad.butb.by, ad, ad2"
[2010/07/28 14:21:32, 4] libsmb/namequery.c:2105(get_dc_list)
get_dc_list: returning 2 ip addresses in an ordered list
[2010/07/28 14:21:32, 4] libsmb/namequery.c:2106(get_dc_list)
get_dc_list: 192.168.1.2:389 192.168.1.5:389
[2010/07/28 14:21:32, 4] libsmb/namequery_dc.c:143(ads_dc_name)
ads_dc_name: using server='AD.BUTB.BY' IP=192.168.1.2
[2010/07/28 14:21:32, 3] libads/ldap.c:621(ads_connect)
Successfully contacted LDAP server 192.168.1.2
[2010/07/28 14:21:32, 3] libads/ldap.c:675(ads_connect)
Connected to LDAP server ad.butb.by
[2010/07/28 14:21:32, 4] libads/ldap.c:2849(ads_current_time)
time offset is 0 seconds
[2010/07/28 14:21:32, 4] libads/sasl.c:1112(ads_sasl_bind)
Found SASL mechanism GSS-SPNEGO
[2010/07/28 14:21:32, 3] libads/sasl.c:780(ads_sasl_spnego_bind)
ads_sasl_spnego_bind: got OID=1.2.840.48018.1.2.2
[2010/07/28 14:21:32, 3] libads/sasl.c:780(ads_sasl_spnego_bind)
ads_sasl_spnego_bind: got OID=1.2.840.113554.1.2.2
[2010/07/28 14:21:32, 3] libads/sasl.c:780(ads_sasl_spnego_bind)
ads_sasl_spnego_bind: got OID=1.2.840.113554.1.2.2.3
[2010/07/28 14:21:32, 3] libads/sasl.c:780(ads_sasl_spnego_bind)
ads_sasl_spnego_bind: got OID=1.3.6.1.4.1.311.2.2.10
[2010/07/28 14:21:32, 3] libads/sasl.c:789(ads_sasl_spnego_bind)
ads_sasl_spnego_bind: got server principal name = ad$@BUTB.BY
[2010/07/28 14:21:32, 3] libsmb/clikrb5.c:687(ads_krb5_mk_req)
ads_krb5_mk_req: krb5_cc_get_principal failed (No credentials cache found)
[2010/07/28 14:21:32, 3] libsmb/clikrb5.c:620(ads_cleanup_expired_creds)
ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration
Чтв, 29 Июл 2010 00:21:32 EEST
[2010/07/28 14:21:32, 3] libsmb/clikrb5.c:729(ads_krb5_mk_req)
ads_krb5_mk_req: server marked as OK to delegate to, building
forwardable TGT
[2010/07/28 14:21:32, 2] lib/interface.c:340(add_interface)
added interface eth0 ip=fe80::201:2eff:fe2b:3ff6%eth0
bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
[2010/07/28 14:21:32, 2] lib/interface.c:340(add_interface)
added interface eth0 ip=172.16.0.101 bcast=172.16.1.255
netmask=255.255.254.0
[2010/07/28 14:21:32, 4] libads/dns.c:620(ads_dns_lookup_ns)
ads_dns_lookup_ns: 3 records returned in the answer section.
DNS update failed!
[2010/07/28 14:21:33, 2] utils/net.c:779(main)
return code = -1
More information about the samba
mailing list