[Samba] Samba4 in FreeBSD 9 i386 for Domain controller not working. Samba version 4.1.0 pre1-GIT cf15406

pccom frank pccom.frank at hotmail.com
Mon Nov 19 11:46:49 MST 2012


Hi,Rowland!Thank you for your help.Change the dns server to the samba server make things better. But still not working.
root at f10:/etc # /usr/local/samba/sbin/samba -i -M singlesamba version 4.1.0pre1-GIT-e6a100e started.Copyright Andrew Tridgell and the Samba Team 1992-2012samba: using 'single' process model/usr/local/samba/sbin/samba_dnsupdate: /usr/bin/nsupdate: cannot specify -g	or -o, program not linked with GSS API Library/usr/local/samba/sbin/samba_dnsupdate: /usr/bin/nsupdate: cannot specify -g	or -o, program not linked with GSS API Library/usr/local/samba/sbin/samba_dnsupdate: /usr/bin/nsupdate: cannot specify -g	or -o, program not linked with GSS API Library../source4/dsdb/dns/dns_update.c:294: Failed DNS update - NT_STATUS_UNSUCCESSFUL^Croot at f10:/etc # cat /etc/resolv.conf domain f10.pcccom.canameserver 127.0.0.1


root at f10:/etc # /usr/local/samba/sbin/samba -i -M singlesamba version 4.1.0pre1-GIT-e6a100e started.Copyright Andrew Tridgell and the Samba Team 1992-2012samba: using 'single' process model../source4/dsdb/dns/dns_update.c:294: Failed DNS update - NT_STATUS_IO_TIMEOUT

^Croot at f10:/etc # cat /etc/resolv.conf domain f10.pcccom.canameserver 192.1681.1.100root at f10:/etc # ifconfigre0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500	options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>	ether 90:e6:ba:88:db:31	inet 192.168.1.100 netmask 0xffffff00 broadcast 192.168.1.255 	inet6 fe80::92e6:baff:fe88:db31%re0 prefixlen 64 scopeid 0x1 	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>	media: Ethernet autoselect (100baseTX <full-duplex>)	status: active

> Date: Mon, 19 Nov 2012 16:33:24 +0000
> From: rpenny at f2s.com
> To: samba at lists.samba.org
> Subject: Re: [Samba] Samba4 in FreeBSD 9 i386 for Domain controller not working. Samba version 4.1.0 pre1-GIT cf15406
> 
> On 19/11/12 02:50, Pccom Frank wrote:
> > Thank you Andrew!
> > You are right. Let FreeBSD start its own Kerberos does not make sense since
> > Samba4 has its own Kerberos.
> > I can not get Samba4's Kerberos working.
> > The following is the message I run Samba4.
> >
> > I am using the Samba4's internal DNS.
> > I copied krb5.conf from /usr/local/samba/private to /etc after I run
> > samba-tool domain provision.
> >
> >
> >
> > root at f10:/usr/local/samba/sbin # ./samba -i -M single
> > samba version 4.1.0pre1-GIT-e6a100e started.
> > Copyright Andrew Tridgell and the Samba Team 1992-2012
> > samba: using 'single' process model
> > /usr/local/samba/sbin/samba_dnsupdate: Traceback (most recent call last):
> > /usr/local/samba/sbin/samba_dnsupdate:   File
> > "/usr/local/samba/sbin/samba_dnsupdate", line 507, in <module>
> > /usr/local/samba/sbin/samba_dnsupdate:     get_credentials(lp)
> > /usr/local/samba/sbin/samba_dnsupdate:   File
> > "/usr/local/samba/sbin/samba_dnsupdate", line 121, in get_credentials
> > /usr/local/samba/sbin/samba_dnsupdate:     creds.get_named_ccache(lp,
> > ccachename)
> > /usr/local/samba/sbin/samba_dnsupdate: RuntimeError: kinit for F10$@
> > F10.PCCOM.CA failed (Cannot contact any KDC for requested realm)
> > /usr/local/samba/sbin/samba_dnsupdate:
> > ../source4/dsdb/dns/dns_update.c:294: Failed DNS update -
> > NT_STATUS_ACCESS_DENIED
> >
> >
> >
> > root at f10:/usr/local/samba/sbin # uname -a
> > FreeBSD f10 10.0-CURRENT FreeBSD 10.0-CURRENT #0: Sat Oct  6 04:49:30 UTC
> > 2012     root at build-i386-fbsd-2.allbsd.org:/usr/obj/i386.i386/usr/src/sys/GENERIC
> >   i386
> >
> >
> > root at f10:/usr/local/samba/sbin # cat /etc/resolv.conf
> > domain f10.pcccom.ca
> > nameserver 192.168.1.1
> >
> > root at f10:/usr/local/samba/sbin # nslookup samba.org
> > Server: 192.168.1.1
> > Address: 192.168.1.1#53
> >
> > Non-authoritative answer:
> > Name: samba.org
> > Address: 216.83.154.106
> >
> > It looks the DNS server has no problem.
> >
> > Please help me out!
> >
> > On Sun, Nov 18, 2012 at 6:38 PM, Andrew Bartlett <abartlet at samba.org> wrote:
> >
> >> On Fri, 2012-11-16 at 16:42 -0500, Pccom Frank wrote:
> >>> Hi, Samab gurus!
> >>>
> >>> I tried to make Samba4 work on FreeBSD 9.1 i386 but failed to join an XP
> >>> computer to the domain.
> >>>
> >>> What I did is:
> >>>
> >>> 1, git clone git://git.samba.org/samba.git samba-master
> >>>
> >>> 2, cd /usr/local/samba-master
> >>> 3, ./configure --enable-debug --enable-selftest && make && make install
> >>> 4, /usr/local/samba/sbin/samba-tool domain provision
> >>> --realm=xyz.pccom.ca--domain=dcxyz --adminpass='123456'
> >>> --server-role=dc
> >>> 5, cp /usr/local/samba/private/krb.conf /etc
> >> What suggested that you should do this?
> >>
> >>> 6, echo 'kerberos5_server_enable="YES"' >> /etc/rc.conf
> >>> 7, echo 'kadmind5_server_enable="YES"' >> /etc/rc.conf
> >> This step is not included in any official Samba HOWTO.
> >>
> >>> 8, echo 'domain xyz.pccom.ca' >> /etc/resolv.conf
> >>> the dns server keep the same as before.
> >>> 9, /usr/local/samba/bin/samba -i -M single
> >>>
> >>> I found
> >>>
> >>> "Failed to bind to 192.168.1.248 UDP_NT_ADDRESS_ALREADY_ASSOCIATED"
> >> Our KDC cannot start because you enabled a different KDC and it is
> >> listening on port 88 already.
> >>
> >> Andrew Bartlett
> >>
> >> --
> >> Andrew Bartlett                                http://samba.org/~abartlet/
> >> Authentication Developer, Samba Team           http://samba.org
> >>
> >>
> >>
> Hello, is the ipaddress of the samba 4 server 192.168.1.1 ? because 
> earlier you had a problem connecting to the KDC on 192.168.1.248
> If 192.168.1.1 is a different machine, then alter the nameserver line in 
> /etc/resolv.conf to point to either your samba4 servers ipaddress or 
> 127.0.0.1
> 
> Rowland
> 
> 
> -- 
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
 		 	   		  


More information about the samba mailing list