[Samba] DNS update shows errors TKEY is unacceptable on joined Samba 4 DC

Daniel Müller mueller at tropenklinik.de
Wed Jul 31 02:57:25 MDT 2013


Dear all,
after succesfull joining my new samba 4 DC to the domain.
There is an error on using,  samba_dnsupdate --verbose --all-names
On the new joined dc: dns_tkey_negotiategss: TKEY is unacceptable
Failed nsupdate: 1

How can I fix it!? Dnsupdate on the Master is running well.


[root at s4slave etc]# samba_dnsupdate --verbose --all-names
IPs: ['192.168.135.253']
Skipping PDC entry (SRV _ldap._tcp.pdc._msdcs.${DNSDOMAIN}
${HOSTNAME} 389) as we are not a PDC
Skipping PDC entry (SRV _ldap._tcp.pdc._msdcs.${DNSFOREST}
${HOSTNAME} 389) as we are not a PDC
Calling nsupdate for A tplk.loc 192.168.135.253
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
tplk.loc.               900     IN      A       192.168.135.253

dns_tkey_negotiategss: TKEY is unacceptable
Failed nsupdate: 1
Calling nsupdate for A s4slave.tplk.loc 192.168.135.253
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
s4slave.tplk.loc.       900     IN      A       192.168.135.253

dns_tkey_negotiategss: TKEY is unacceptable
Failed nsupdate: 1
Calling nsupdate for A gc._msdcs.tplk.loc 192.168.135.253
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
gc._msdcs.tplk.loc.     900     IN      A       192.168.135.253

dns_tkey_negotiategss: TKEY is unacceptable
Failed nsupdate: 1
Calling nsupdate for CNAME
0fae0583-b14c-421b-b622-00fbfaf1826c._msdcs.tplk.loc s4slave.tplk.loc
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
0fae0583-b14c-421b-b622-00fbfaf1826c._msdcs.tplk.loc. 900 IN CNAME
s4slave.tplk.loc.

dns_tkey_negotiategss: TKEY is unacceptable
Failed nsupdate: 1
Calling nsupdate for SRV _kpasswd._tcp.tplk.loc s4slave.tplk.loc 464
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_kpasswd._tcp.tplk.loc. 900     IN      SRV     0 100 464 s4slave.tplk.loc.

dns_tkey_negotiategss: TKEY is unacceptable
Failed nsupdate: 1
Calling nsupdate for SRV _kpasswd._udp.tplk.loc s4slave.tplk.loc 464
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_kpasswd._udp.tplk.loc. 900     IN      SRV     0 100 464 s4slave.tplk.loc.

dns_tkey_negotiategss: TKEY is unacceptable
Failed nsupdate: 1
Calling nsupdate for SRV _kerberos._tcp.tplk.loc s4slave.tplk.loc 88
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_kerberos._tcp.tplk.loc. 900    IN      SRV     0 100 88 s4slave.tplk.loc.

dns_tkey_negotiategss: TKEY is unacceptable
Failed nsupdate: 1
Calling nsupdate for SRV _kerberos._tcp.dc._msdcs.tplk.loc s4slave.tplk.loc
88
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_kerberos._tcp.dc._msdcs.tplk.loc. 900 IN SRV   0 100 88 s4slave.tplk.loc.

dns_tkey_negotiategss: TKEY is unacceptable
Failed nsupdate: 1
Calling nsupdate for SRV
_kerberos._tcp.default-first-site-name._sites.tplk.loc s4slave.tplk.loc 88
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_kerberos._tcp.default-first-site-name._sites.tplk.loc. 900 IN SRV 0 100 88
s4slave.tplk.loc.

dns_tkey_negotiategss: TKEY is unacceptable
Failed nsupdate: 1
Calling nsupdate for SRV
_kerberos._tcp.default-first-site-name._sites.dc._msdcs.tplk.loc
s4slave.tplk.loc 88
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_kerberos._tcp.default-first-site-name._sites.dc._msdcs.tplk.loc. 900 IN SRV
0 100 88 s4slave.tplk.loc.

dns_tkey_negotiategss: TKEY is unacceptable
Failed nsupdate: 1
Calling nsupdate for SRV _kerberos._udp.tplk.loc s4slave.tplk.loc 88
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_kerberos._udp.tplk.loc. 900    IN      SRV     0 100 88 s4slave.tplk.loc.

dns_tkey_negotiategss: TKEY is unacceptable
Failed nsupdate: 1
Calling nsupdate for SRV _ldap._tcp.tplk.loc s4slave.tplk.loc 389
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_ldap._tcp.tplk.loc.    900     IN      SRV     0 100 389 s4slave.tplk.loc.

dns_tkey_negotiategss: TKEY is unacceptable
Failed nsupdate: 1
Calling nsupdate for SRV _ldap._tcp.dc._msdcs.tplk.loc s4slave.tplk.loc 389
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_ldap._tcp.dc._msdcs.tplk.loc. 900 IN   SRV     0 100 389 s4slave.tplk.loc.

dns_tkey_negotiategss: TKEY is unacceptable
Failed nsupdate: 1
Calling nsupdate for SRV _ldap._tcp.gc._msdcs.tplk.loc s4slave.tplk.loc 3268
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_ldap._tcp.gc._msdcs.tplk.loc. 900 IN   SRV     0 100 3268 s4slave.tplk.loc.

dns_tkey_negotiategss: TKEY is unacceptable
Failed nsupdate: 1
Calling nsupdate for SRV _ldap._tcp.default-first-site-name._sites.tplk.loc
s4slave.tplk.loc 389
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_ldap._tcp.default-first-site-name._sites.tplk.loc. 900 IN SRV 0 100 389
s4slave.tplk.loc.

dns_tkey_negotiategss: TKEY is unacceptable
Failed nsupdate: 1
Calling nsupdate for SRV
_ldap._tcp.default-first-site-name._sites.dc._msdcs.tplk.loc
s4slave.tplk.loc 389
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_ldap._tcp.default-first-site-name._sites.dc._msdcs.tplk.loc. 900 IN SRV 0
100 389 s4slave.tplk.loc.

dns_tkey_negotiategss: TKEY is unacceptable
Failed nsupdate: 1
Calling nsupdate for SRV
_ldap._tcp.default-first-site-name._sites.gc._msdcs.tplk.loc
s4slave.tplk.loc 3268
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_ldap._tcp.default-first-site-name._sites.gc._msdcs.tplk.loc. 900 IN SRV 0
100 3268 s4slave.tplk.loc.

dns_tkey_negotiategss: TKEY is unacceptable
Failed nsupdate: 1
Calling nsupdate for SRV
_ldap._tcp.65e8afee-6cb0-459b-93ab-ffa1e7f57009.domains._msdcs.tplk.loc
s4slave.tplk.loc 389
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_ldap._tcp.65e8afee-6cb0-459b-93ab-ffa1e7f57009.domains._msdcs.tplk.loc. 900
IN SRV 0 100 389 s4slave.tplk.loc.

dns_tkey_negotiategss: TKEY is unacceptable
Failed nsupdate: 1
Calling nsupdate for SRV _gc._tcp.tplk.loc s4slave.tplk.loc 3268
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_gc._tcp.tplk.loc.      900     IN      SRV     0 100 3268 s4slave.tplk.loc.

dns_tkey_negotiategss: TKEY is unacceptable
Failed nsupdate: 1
Calling nsupdate for SRV _gc._tcp.default-first-site-name._sites.tplk.loc
s4slave.tplk.loc 3268
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_gc._tcp.default-first-site-name._sites.tplk.loc. 900 IN SRV 0 100 3268
s4slave.tplk.loc.

dns_tkey_negotiategss: TKEY is unacceptable
Failed nsupdate: 1
Failed update of 20 entries

-----------------------------------------------
EDV Daniel Müller

Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen

Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mueller at tropenklinik.de
Internet: www.tropenklinik.de
-----------------------------------------------




More information about the samba mailing list