[Samba] Samba4-AD - named.conf

nc-codewete at netcologne.de nc-codewete at netcologne.de
Mon Feb 14 02:49:40 MST 2011

Hello Matthieu,

I followed exactly the steps of this howto, but when I checked the 
named.conf by "using named -d9 -g -c /etc/bind9/named.conf", I got a the 
error "failed to acquire accept credentials for DNS/samba.example.net: 
GSSAPI error: Major = Unspecified GSS failure. Minor code may provide 
more information, Minor = Permission denied.".

I had set the owner to bind:bind before I set the permisson 644 and it 
wasn't working well.

Now it's working all fine and by the way: Samba4 is a great work :o)

Also I never used Kerberos before and I'm now happy about this. It's 
just great!

Thanks for you advice!

Best regard


Am 12.02.2011 18:52, schrieb Matthieu Patou:
> On 11/02/2011 15:29, nc-codewete at netcologne.de wrote:
>> ... o.k. I got it:
>> The file "/usr/local/samba/private/dns.keytab"  need the permisson 644 .
> Well it needs that the bind user (bind on debian/ubuntu) has the read 
> ownership, it would be better to follow the howto for 
> samba4:http://wiki.samba.org/index.php/Samba4/HOWTO#Step_10_Configure_kerberos_DNS_dynamic_updates
> Matthieu.

More information about the samba mailing list