[Samba] Samba4 in FreeBSD 9 i386 for Domain controller not working. Samba version 4.1.0 pre1-GIT cf15406

Rowland Penny rpenny at f2s.com
Mon Nov 19 13:27:41 MST 2012 

On 19/11/12 19:15, Rowland Penny wrote:
> On 19/11/12 18:46, pccom frank wrote:
>> Hi,Rowland!
>> Thank you for your help.
>> Change the dns server to the samba server make things better. But 
>> still not working.
>>
>> root at f10:/etc # /usr/local/samba/sbin/samba -i -M single
>> samba version 4.1.0pre1-GIT-e6a100e started.
>> Copyright Andrew Tridgell and the Samba Team 1992-2012
>> samba: using 'single' process model
>> /usr/local/samba/sbin/samba_dnsupdate: /usr/bin/nsupdate: cannot 
>> specify -gor -o, program not linked with GSS API Library
>> /usr/local/samba/sbin/samba_dnsupdate: /usr/bin/nsupdate: cannot 
>> specify -gor -o, program not linked with GSS API Library
>> /usr/local/samba/sbin/samba_dnsupdate: /usr/bin/nsupdate: cannot 
>> specify -gor -o, program not linked with GSS API Library
>> ../source4/dsdb/dns/dns_update.c:294: Failed DNS update - 
>> NT_STATUS_UNSUCCESSFUL
>> ^C
>> root at f10:/etc # cat /etc/resolv.conf
>> domain f10.pcccom.ca
>> nameserver 127.0.0.1
>>
>>
>>
>> root at f10:/etc # /usr/local/samba/sbin/samba -i -M single
>> samba version 4.1.0pre1-GIT-e6a100e started.
>> Copyright Andrew Tridgell and the Samba Team 1992-2012
>> samba: using 'single' process model
>> ../source4/dsdb/dns/dns_update.c:294: Failed DNS update - 
>> NT_STATUS_IO_TIMEOUT
>>
>>
>> ^C
>> root at f10:/etc # cat /etc/resolv.conf
>> domain f10.pcccom.ca
>> nameserver 192.1681.1.100
>> root at f10:/etc # ifconfig
>> re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 
>> 1500
>> options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE> 
>>
>> ether 90:e6:ba:88:db:31
>> inet 192.168.1.100 netmask 0xffffff00 broadcast 192.168.1.255
>> inet6 fe80::92e6:baff:fe88:db31%re0 prefixlen 64 scopeid 0x1
>> nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
>> media: Ethernet autoselect (100baseTX <full-duplex>)
>> status: active
>>
>>
>> > Date: Mon, 19 Nov 2012 16:33:24 +0000
>> > From: rpenny at f2s.com
>> > To: samba at lists.samba.org
>> > Subject: Re: [Samba] Samba4 in FreeBSD 9 i386 for Domain controller 
>> not working. Samba version 4.1.0 pre1-GIT cf15406
>> >
>> > On 19/11/12 02:50, Pccom Frank wrote:
>> > > Thank you Andrew!
>> > > You are right. Let FreeBSD start its own Kerberos does not make 
>> sense since
>> > > Samba4 has its own Kerberos.
>> > > I can not get Samba4's Kerberos working.
>> > > The following is the message I run Samba4.
>> > >
>> > > I am using the Samba4's internal DNS.
>> > > I copied krb5.conf from /usr/local/samba/private to /etc after I run
>> > > samba-tool domain provision.
>> > >
>> > >
>> > >
>> > > root at f10:/usr/local/samba/sbin # ./samba -i -M single
>> > > samba version 4.1.0pre1-GIT-e6a100e started.
>> > > Copyright Andrew Tridgell and the Samba Team 1992-2012
>> > > samba: using 'single' process model
>> > > /usr/local/samba/sbin/samba_dnsupdate: Traceback (most recent 
>> call last):
>> > > /usr/local/samba/sbin/samba_dnsupdate: File
>> > > "/usr/local/samba/sbin/samba_dnsupdate", line 507, in <module>
>> > > /usr/local/samba/sbin/samba_dnsupdate: get_credentials(lp)
>> > > /usr/local/samba/sbin/samba_dnsupdate: File
>> > > "/usr/local/samba/sbin/samba_dnsupdate", line 121, in 
>> get_credentials
>> > > /usr/local/samba/sbin/samba_dnsupdate: creds.get_named_ccache(lp,
>> > > ccachename)
>> > > /usr/local/samba/sbin/samba_dnsupdate: RuntimeError: kinit for F10$@
>> > > F10.PCCOM.CA failed (Cannot contact any KDC for requested realm)
>> > > /usr/local/samba/sbin/samba_dnsupdate:
>> > > ../source4/dsdb/dns/dns_update.c:294: Failed DNS update -
>> > > NT_STATUS_ACCESS_DENIED
>> > >
>> > >
>> > >
>> > > root at f10:/usr/local/samba/sbin # uname -a
>> > > FreeBSD f10 10.0-CURRENT FreeBSD 10.0-CURRENT #0: Sat Oct 6 
>> 04:49:30 UTC
>> > > 2012 
>> root at build-i386-fbsd-2.allbsd.org:/usr/obj/i386.i386/usr/src/sys/GENERIC
>> > > i386
>> > >
>> > >
>> > > root at f10:/usr/local/samba/sbin # cat /etc/resolv.conf
>> > > domain f10.pcccom.ca
>> > > nameserver 192.168.1.1
>> > >
>> > > root at f10:/usr/local/samba/sbin # nslookup samba.org
>> > > Server: 192.168.1.1
>> > > Address: 192.168.1.1#53
>> > >
>> > > Non-authoritative answer:
>> > > Name: samba.org
>> > > Address: 216.83.154.106
>> > >
>> > > It looks the DNS server has no problem.
>> > >
>> > > Please help me out!
>> > >
>> > > On Sun, Nov 18, 2012 at 6:38 PM, Andrew Bartlett 
>> <abartlet at samba.org> wrote:
>> > >
>> > >> On Fri, 2012-11-16 at 16:42 -0500, Pccom Frank wrote:
>> > >>> Hi, Samab gurus!
>> > >>>
>> > >>> I tried to make Samba4 work on FreeBSD 9.1 i386 but failed to 
>> join an XP
>> > >>> computer to the domain.
>> > >>>
>> > >>> What I did is:
>> > >>>
>> > >>> 1, git clone git://git.samba.org/samba.git samba-master
>> > >>>
>> > >>> 2, cd /usr/local/samba-master
>> > >>> 3, ./configure --enable-debug --enable-selftest && make && make 
>> install
>> > >>> 4, /usr/local/samba/sbin/samba-tool domain provision
>> > >>> --realm=xyz.pccom.ca--domain=dcxyz --adminpass='123456'
>> > >>> --server-role=dc
>> > >>> 5, cp /usr/local/samba/private/krb.conf /etc
>> > >> What suggested that you should do this?
>> > >>
>> > >>> 6, echo 'kerberos5_server_enable="YES"' >> /etc/rc.conf
>> > >>> 7, echo 'kadmind5_server_enable="YES"' >> /etc/rc.conf
>> > >> This step is not included in any official Samba HOWTO.
>> > >>
>> > >>> 8, echo 'domain xyz.pccom.ca' >> /etc/resolv.conf
>> > >>> the dns server keep the same as before.
>> > >>> 9, /usr/local/samba/bin/samba -i -M single
>> > >>>
>> > >>> I found
>> > >>>
>> > >>> "Failed to bind to 192.168.1.248 
>> UDP_NT_ADDRESS_ALREADY_ASSOCIATED"
>> > >> Our KDC cannot start because you enabled a different KDC and it is
>> > >> listening on port 88 already.
>> > >>
>> > >> Andrew Bartlett
>> > >>
>> > >> --
>> > >> Andrew Bartlett http://samba.org/~abartlet/
>> > >> Authentication Developer, Samba Team http://samba.org
>> > >>
>> > >>
>> > >>
>> > Hello, is the ipaddress of the samba 4 server 192.168.1.1 ? because
>> > earlier you had a problem connecting to the KDC on 192.168.1.248
>> > If 192.168.1.1 is a different machine, then alter the nameserver 
>> line in
>> > /etc/resolv.conf to point to either your samba4 servers ipaddress or
>> > 127.0.0.1
>> >
>> > Rowland
>> >
>> >
>> > --
>> > This message has been scanned for viruses and
>> > dangerous content by MailScanner, and is
>> > believed to be clean.
>> >
>> > --
>> > To unsubscribe from this list go to the following URL and read the
>> > instructions: https://lists.samba.org/mailman/options/samba
>>
>> -- 
>> This message has been scanned for viruses and
>> dangerous content by *MailScanner* <http://www.mailscanner.info/>, 
>> and is
>> believed to be clean. 
> That looks like a problem with bind9utils on freebsd not samba4
>
> Rowland
>
oops, that should have been dnsutils not bind9utils

Rowland

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the samba mailing list