[Samba] SAMBA4 DDNS update samba_dnsupdate issues

Daniel A. Creed Dan.Creed at thecreeds.net
Fri Jul 30 14:17:16 MDT 2010


Followed all the howto instructions and when this runs I get the following: (with debug on)

[root at quigonn named]# /usr/local/samba/sbin/samba_dnsupdate -d 200
/usr/local/samba/lib/python2.4/site-packages/samba/__init__.py:44: RuntimeWarning: Python C API version mismatch for module ldb: This Python has API version 1013, module ldb has version 1012.
  import ldb
/usr/local/samba/lib/python2.4/site-packages/samba/__init__.py:45: RuntimeWarning: Python C API version mismatch for module _ldb: This Python has API version 1013, module _ldb has version 1012.
  from samba._ldb import Ldb as _Ldb
/usr/local/samba/lib/python2.4/site-packages/samba/__init__.py:324: RuntimeWarning: Python C API version mismatch for module _glue: This Python has API version 1013, module _glue has version 1012.
  import _glue
/usr/local/samba/lib/python2.4/site-packages/samba/getopt.py:23: RuntimeWarning: Python C API version mismatch for module credentials: This Python has API version 1013, module credentials has version 1012.
  from credentials import Credentials, DONT_USE_KERBEROS, MUST_USE_KERBEROS
/usr/local/samba/lib/python2.4/site-packages/samba/samdb.py:26: RuntimeWarning: Python C API version mismatch for module dsdb: This Python has API version 1013, module dsdb has version 1012.
  import dsdb
/usr/local/samba/sbin/samba_dnsupdate:37: RuntimeWarning: Python C API version mismatch for module auth: This Python has API version 1013, module auth has version 1012.
  from samba.auth import system_session
/usr/local/samba/lib/python2.4/site-packages/samba/getopt.py:32: RuntimeWarning: Python C API version mismatch for module param: This Python has API version 1013, module param has version 1012.
  import os, param
lp_load: refreshing parameters from /usr/local/samba/etc/smb.conf
params.c:pm_process() - Processing configuration file "/usr/local/samba/etc/smb.conf"
Processing section "[globals]"
Processing section "[netlogon]"
Processing section "[sysvol]"
Processing section "[profiles]"
pm_process() returned Yes
adding hidden service IPC$
adding hidden service ADMIN$
added interface ip=192.168.1.5 nmask=255.255.255.0
Initialising global parameters
lp_load: refreshing parameters from /usr/local/samba/etc/smb.conf
params.c:pm_process() - Processing configuration file "/usr/local/samba/etc/smb.conf"
Processing section "[globals]"
Processing section "[netlogon]"
Processing section "[sysvol]"
Processing section "[profiles]"
pm_process() returned Yes
adding hidden service IPC$
adding hidden service ADMIN$
lp_servicenumber: couldn't find ldb
AUTH backend 'sam' registered
AUTH backend 'sam_ignoredomain' registered
AUTH backend 'anonymous' registered
AUTH backend 'server' registered
AUTH backend 'winbind_samba3' registered
AUTH backend 'winbind' registered
AUTH backend 'winbind_wbclient' registered
AUTH backend 'name_to_ntstatus' registered
AUTH backend 'fixed_challenge' registered
AUTH backend 'unix' registered
schema_fsmo_init: we are master: yes
ldb: ldb_trace_request: SEARCH
 dn: @MODULES
 scope: base
 expr: (@LIST=*)
 attr: @LIST
 control: <NONE>

ldb: ldb_trace_request: (tdb)->search
ldb: ldb_trace_response: ENTRY
dn: @MODULES
@LIST: samba_secrets



ldb: ldb_trace_request: REGISTER_CONTROL
1.2.840.113556.1.4.1413
 control: <NONE>

ldb: ldb_tdb: Unable to register control with rootdse!
ldb: ldb_trace_request: SEARCH
 dn: <rootDSE>
 scope: base
 expr: (objectClass=*)
 attr: rootDomainNamingContext
 attr: configurationNamingContext
 attr: schemaNamingContext
 attr: defaultNamingContext
 control: <NONE>

ldb: ldb_trace_request: (tdb)->search
ldb_wrap open of secrets.ldb
ldb: ldb_trace_request: SEARCH
 dn: cn=Primary Domains
 scope: sub
 expr: (&(flatname=THECREEDS)(objectclass=primaryDomain))
 attr: secret
 attr: priorSecret
 attr: samAccountName
 attr: flatname
 attr: realm
 attr: secureChannelType
 attr: unicodePwd
 attr: msDS-KeyVersionNumber
 attr: saltPrincipal
 attr: privateKeytab
 attr: krb5Keytab
 attr: servicePrincipalName
 attr: ldapBindDn
 control: <NONE>

ldb: ldb_trace_request: (tdb)->search
ldb: ldb_trace_response: ENTRY
dn: flatname=THECREEDS,cn=Primary Domains
flatname: THECREEDS
msDS-KeyVersionNumber: 1
privateKeytab: secrets.keytab
realm: THECREEDS.NET
saltPrincipal: host/quigonn.thecreeds.net at THECREEDS.NET
samAccountName: QUIGONN$
secret: <removed for obvious reasons>
secureChannelType: 6



Received smb_krb5 packet of length 266
Received smb_krb5 packet of length 1219
dns_tkey_negotiategss: TKEY is unacceptable
dns_tkey_negotiategss: TKEY is unacceptable


The wierd thing is I know that TSIG transfers are working because I can use nsupdate with the key set and it updates the records fine... So what TKEY is this looking for and whats the issue with it?

Thanks,
Dan



More information about the samba mailing list