[Samba] Samba4 Dynamic GSS-TSIG update failed
Konstantin Pobudzey
5836000 at gmail.com
Tue Sep 13 08:49:26 MDT 2011
Hello
I followed Samba4 wiki.
All working execpt Dynamic zone update.
# From windows client ( info from wireshark )
server is not an authority for domain
0
.... .... ..0. .... = Answer authenticated: Answer/authority portion was not
authenticated by the server
#from var log messages on samba4 box
Sep 13 17:45:56 dcmsc named[2725]: client 192.168.77.86#64591: update
'qwerty.inc/IN' denied
#Info from keytab file generated from provision step
ktutil: rkt /usr/local/samba/private/dns.keytab
ktutil: list
slot KVNO Principal
---- ----
---------------------------------------------------------------------
1 1 DNS/qwerty.inc at qwerty.inc
2 1 DNS/dcmsc.qwerty.inc at qwerty.inc
3 1 dns-dcmsc at qwerty.inc
4 1 DNS/qwerty.inc at qwerty.inc
5 1 DNS/dcmsc.qwerty.inc at qwerty.inc
6 1 dns-dcmsc at qwerty.inc
7 1 DNS/qwerty.inc at qwerty.inc
8 1 DNS/dcmsc.qwerty.inc at qwerty.inc
9 1 dns-dcmsc at qwerty.inc
10 1 DNS/qwerty.inc at qwerty.inc
11 1 DNS/dcmsc.qwerty.inc at qwerty.inc
12 1 dns-dcmsc at qwerty.inc
13 1 DNS/qwerty.inc at qwerty.inc
14 1 DNS/dcmsc.qwerty.inc at qwerty.inc
15 1 dns-dcmsc at qwerty.inc
Hm...It should be 15 slots here ?
#Attempt connect from Samba4 box
kinit -k -t /usr/local/samba/private/dns.keytab DNS/dcmsc.qwerty.inc
kinit: Client 'DNS/dcmsc.qwerty.inc at qwerty.inc' not found in Kerberos
database while getting initial credentials
What is next step to make it work ?
Thank You in advance.
More information about the samba
mailing list