[Samba] Samba 4 dnsupdate problem

Johan Landerholm johan at landerholm.net
Fri Dec 7 01:45:14 MST 2012 

Hi all,

I have started to test Samba4 in my network. I have been running samba 
since 1993 in many organisations, and now I would like to upgrade my 
samba3 server in my lab to samba4.

I pulled the sources from git and compiled on my CentOS 6.3 x86_64 server.
Provisioning works fine, and I'm using the internal DNS server for this 
configuration. But it looks like there is a failure to create the zone 
files during startup. I think this is a kerberos problem, but I don't 
know where to start to look.

This is a short cut of the startup:

Calling DNS name update script
Calling SPN name update script
/usr/local/samba4/sbin/smbd: smbd version 4.1.0pre1-GIT-f8056b7 started.
/usr/local/samba4/sbin/smbd: Copyright Andrew Tridgell and the Samba 
Team 1992-2012
/usr/local/samba4/sbin/smbd: standard input is not a socket, assuming -D 
option
Terminating connection - 'wbsrv_call_loop: tstream_read_pdu_blob_recv() 
- NT_STATUS_CONNECTION_DISCONNECTED'
single_terminate: reason[wbsrv_call_loop: tstream_read_pdu_blob_recv() - 
NT_STATUS_CONNECTION_DISCONNECTED]
Child /usr/local/samba4/sbin/samba_spnupdate exited with status 0 - Success
Completed SPN update check OK
/usr/local/samba4/sbin/samba_dnsupdate: Traceback (most recent call last):
/usr/local/samba4/sbin/samba_dnsupdate:   File 
"/usr/local/samba4/sbin/samba_dnsupdate", line 508, in <module>
/usr/local/samba4/sbin/samba_dnsupdate:     get_credentials(lp)
/usr/local/samba4/sbin/samba_dnsupdate:   File 
"/usr/local/samba4/sbin/samba_dnsupdate", line 122, in get_credentials
/usr/local/samba4/sbin/samba_dnsupdate: creds.get_named_ccache(lp, 
ccachename)
/usr/local/samba4/sbin/samba_dnsupdate: RuntimeError: kinit for 
SAMBA$@SAMBA.LOCAL failed (Wrong realm)
/usr/local/samba4/sbin/samba_dnsupdate:
Child /usr/local/samba4/sbin/samba_dnsupdate exited with status 1 - 
Operation not permitted
../source4/dsdb/dns/dns_update.c:294: Failed DNS update - 
NT_STATUS_ACCESS_DENIED

When running, the samba server works, but I don't think the AD stuff is 
working very well without DNS.
Does anyone know what I need to fix to get it working ?

Thanks for any help!

/Johan

More information about the samba mailing list