[Samba] Please Help! Dynamic DNS just will not work: " failed gss_inquire_cred: GSSAPI error: Major = Unspecified GSS failure"

Gary Maurizi garymaurizi at gmail.com
Sat Jun 1 15:58:04 MDT 2013


Michael I have implemented your guide in every respect and I still have the
same problem, is there some way to verify that the dns.keytab is correct?
here is the output running bind in debug mode:

01-Jun-2013 14:55:57.688 running
01-Jun-2013 14:56:05.705 client 10.0.0.106#56085: UDP request
01-Jun-2013 14:56:05.705 client 10.0.0.106#56085: using view '_default'
01-Jun-2013 14:56:05.705 client 10.0.0.106#56085: request is not signed
01-Jun-2013 14:56:05.705 client 10.0.0.106#56085: recursion available
01-Jun-2013 14:56:05.705 client 10.0.0.106#56085: query
01-Jun-2013 14:56:05.705 client 10.0.0.106#56085: query
'GM-BED-DESKTOP.mtolympus.local/SOA/IN' approved
01-Jun-2013 14:56:05.706 client 10.0.0.106#56085: send
01-Jun-2013 14:56:05.706 client 10.0.0.106#56085: sendto
01-Jun-2013 14:56:05.706 client 10.0.0.106#56085: senddone
01-Jun-2013 14:56:05.706 client 10.0.0.106#56085: next
01-Jun-2013 14:56:05.706 client 10.0.0.106#56085: endrequest
01-Jun-2013 14:56:05.706 client @0x7faf00111f50: udprecv
01-Jun-2013 14:56:05.753 client 10.0.0.106#62393: UDP request
01-Jun-2013 14:56:05.753 client 10.0.0.106#62393: using view '_default'
01-Jun-2013 14:56:05.753 client 10.0.0.106#62393: request is not signed
01-Jun-2013 14:56:05.753 client 10.0.0.106#62393: recursion available
01-Jun-2013 14:56:05.753 client 10.0.0.106#62393: query
01-Jun-2013 14:56:05.753 client 10.0.0.106#62393: query
'server.mtolympus.local/A/IN' approved
01-Jun-2013 14:56:05.754 client 10.0.0.106#62393: send
01-Jun-2013 14:56:05.754 client 10.0.0.106#62393: sendto
01-Jun-2013 14:56:05.754 client 10.0.0.106#62393: senddone
01-Jun-2013 14:56:05.754 client 10.0.0.106#62393: next
01-Jun-2013 14:56:05.754 client 10.0.0.106#62393: endrequest
01-Jun-2013 14:56:05.754 client @0x7faf001202b0: udprecv
01-Jun-2013 14:56:05.799 client 10.0.0.106#60674: UDP request
01-Jun-2013 14:56:05.799 client 10.0.0.106#60674: using view '_default'
01-Jun-2013 14:56:05.799 client 10.0.0.106#60674: request is not signed
01-Jun-2013 14:56:05.799 client 10.0.0.106#60674: recursion available
01-Jun-2013 14:56:05.799 client 10.0.0.106#60674: update
01-Jun-2013 14:56:05.799 samba_dlz: starting transaction on zone
mtolympus.local
01-Jun-2013 14:56:05.800 client 10.0.0.106#60674: update
'mtolympus.local/IN' denied
01-Jun-2013 14:56:05.800 samba_dlz: cancelling transaction on zone
mtolympus.local
01-Jun-2013 14:56:05.800 client 10.0.0.106#60674: send
01-Jun-2013 14:56:05.800 client 10.0.0.106#60674: sendto
01-Jun-2013 14:56:05.800 client 10.0.0.106#60674: senddone
01-Jun-2013 14:56:05.800 client 10.0.0.106#60674: next
01-Jun-2013 14:56:05.800 client 10.0.0.106#60674: endrequest
01-Jun-2013 14:56:05.800 client @0x7faf00111f50: udprecv
01-Jun-2013 14:56:05.890 client 10.0.0.106#57284: new TCP connection
01-Jun-2013 14:56:05.890 client 10.0.0.106#57284: replace
01-Jun-2013 14:56:05.890 clientmgr @0x7faf0b60bb08: createclients
01-Jun-2013 14:56:05.890 clientmgr @0x7faf0b60bb08: create new
01-Jun-2013 14:56:05.890 client @0x7faf00e599b0: create
01-Jun-2013 14:56:05.890 client 10.0.0.106#57284: read
01-Jun-2013 14:56:05.890 client @0x7faf00e599b0: accept
01-Jun-2013 14:56:05.894 client 10.0.0.106#57284: TCP request
01-Jun-2013 14:56:05.894 client 10.0.0.106#57284: using view '_default'
01-Jun-2013 14:56:05.894 client 10.0.0.106#57284: request is not signed
01-Jun-2013 14:56:05.894 client 10.0.0.106#57284: recursion available
01-Jun-2013 14:56:05.894 client 10.0.0.106#57284: query
01-Jun-2013 14:56:05.894 failed gss_inquire_cred: GSSAPI error: Major =
Unspecified GSS failure.  Minor code may provide more information, Minor =
Success.
01-Jun-2013 14:56:05.940 gss-api source name (accept) is
gm-bed-desktop$@MTOLYMPUS.LOCAL
01-Jun-2013 14:56:05.940 process_gsstkey(): dns_tsigerror_noerror
01-Jun-2013 14:56:05.941 client 10.0.0.106#57284: send
01-Jun-2013 14:56:05.941 client 10.0.0.106#57284: sendto
01-Jun-2013 14:56:05.941 client 10.0.0.106#57284: senddone
01-Jun-2013 14:56:05.941 client 10.0.0.106#57284: next
01-Jun-2013 14:56:05.941 client 10.0.0.106#57284: endrequest
01-Jun-2013 14:56:05.941 client 10.0.0.106#57284: read
01-Jun-2013 14:56:05.984 client 10.0.0.106#57284: next
01-Jun-2013 14:56:05.984 client 10.0.0.106#57284: request failed: end of
file
01-Jun-2013 14:56:05.984 client 10.0.0.106#57284: endrequest
01-Jun-2013 14:56:05.984 client 10.0.0.106#57284: closetcp
^C01-Jun-2013 14:56:07.844 shutting down
01-Jun-2013 14:56:07.844 stopping command channel on 127.0.0.1#953


Jun  1 14:54:27 server named[17079]: samba_dlz: starting transaction on
zone mtolympus.local
Jun  1 14:54:27 server named[17079]: client 10.0.0.106#61849: update
'mtolympus.local/IN' denied
Jun  1 14:54:27 server named[17079]: samba_dlz: cancelling transaction on
zone mtolympus.local

Thank you so very much for any help, I am so desperately lost at this
point, I have tried everything.


On Sat, Jun 1, 2013 at 1:13 PM, Gary Maurizi <garymaurizi at gmail.com> wrote:

> Thank You so much Michael & Nick,
>
> Michael I will try your solution and follow up ASAP.
>
>
>
> On Sat, Jun 1, 2013 at 9:46 AM, Michael De Groote <
> ict at sint-pietersschool.be> wrote:
>
>> Nick,
>>
>> doesn't that bug apply to internal dns only? (Gary says he's using
>> BIND9_DLZ)
>>
>>
>> 2013/6/1 Nick Semenkovich <semenko at alum.mit.edu>
>>
>> > Looks like bug https://bugzilla.samba.org/show_bug.cgi?id=9559 which
>> > looks like it'll be fixed in git momentarily.
>> >
>> > On Sat, Jun 1, 2013 at 1:59 AM, Gary Maurizi <garymaurizi at gmail.com>
>> > wrote:
>> > > I just can't seem to get dynamic DNS updates working on CentOS 6.4
>> with
>> > > samba 4.0 .tar.gz from samba.org using BIND9_DLZ.
>> > >
>> > > If I run bind 9.8.2.rc1 in debug mode and go to a domain joined
>> windows
>> > > client and run 'ipconfig /registerdns' this is what I get in my
>> console:
>> > >
>> > > 31-May-2013 23:51:06.520 client 10.0.0.106#54352: new TCP connection
>> > > 31-May-2013 23:51:06.520 client 10.0.0.106#54352: replace
>> > > 31-May-2013 23:51:06.520 clientmgr @0x7fe0575b5010: createclients
>> > > 31-May-2013 23:51:06.520 clientmgr @0x7fe0575b5010: recycle
>> > > 31-May-2013 23:51:06.520 client 10.0.0.106#54352: read
>> > > 31-May-2013 23:51:06.520 client @0x7fe04c159600: accept
>> > > 31-May-2013 23:51:06.529 client 10.0.0.106#54352: TCP request
>> > > 31-May-2013 23:51:06.529 client 10.0.0.106#54352: view internal-view:
>> > using
>> > > view 'internal-view'
>> > > 31-May-2013 23:51:06.529 client 10.0.0.106#54352: view internal-view:
>> > > request is not signed
>> > > 31-May-2013 23:51:06.529 client 10.0.0.106#54352: view internal-view:
>> > > recursion available
>> > > 31-May-2013 23:51:06.529 client 10.0.0.106#54352: view internal-view:
>> > query
>> > > 31-May-2013 23:51:06.529 failed gss_inquire_cred: GSSAPI error: Major
>> =
>> > > Unspecified GSS failure.  Minor code may provide more information,
>> Minor
>> > =
>> > > Success.
>> > > 31-May-2013 23:51:06.573 gss-api source name (accept) is
>> > > gm-bed-desktop$@MTOLYMPUS.LOCAL
>> > > 31-May-2013 23:51:06.573 process_gsstkey(): dns_tsigerror_noerror
>> > > 31-May-2013 23:51:06.573 client 10.0.0.106#54352: view internal-view:
>> > send
>> > > 31-May-2013 23:51:06.573 client 10.0.0.106#54352: view internal-view:
>> > sendto
>> > > 31-May-2013 23:51:06.573 client 10.0.0.106#54352: view internal-view:
>> > > senddone
>> > > 31-May-2013 23:51:06.573 client 10.0.0.106#54352: view internal-view:
>> > next
>> > > 31-May-2013 23:51:06.573 client 10.0.0.106#54352: view internal-view:
>> > > endrequest
>> > > 31-May-2013 23:51:06.573 client 10.0.0.106#54352: read
>> > > 31-May-2013 23:51:06.609 client 10.0.0.106#54352: next
>> > > 31-May-2013 23:51:06.609 client 10.0.0.106#54352: request failed: end
>> of
>> > > file
>> > > 31-May-2013 23:51:06.609 client 10.0.0.106#54352: endrequest
>> > > 31-May-2013 23:51:06.609 client 10.0.0.106#54352: closetcp
>> > > ^C31-May-2013 23:51:29.665 shutting down
>> > > 31-May-2013 23:51:29.665 stopping command channel on 127.0.0.1#953
>> > > 31-May-2013 23:51:29.665 res 0x7fe0575c3010: shutdown
>> > > 31-May-2013 23:51:29.665 res 0x7fe0575c3010: exiting
>> > >
>> > > I have checked file permissions everywhere I can think of, this is my
>> 7th
>> > > time following the official samba.org samba 4 primary domain
>> controller
>> > > tutorial and this has happened every single time.
>> > >
>> > > Everything else seems to be functioning, I can manage everything from
>> a
>> > > windows client with the AD snap-ins and the computer shows up in
>> > 'Computers
>> > > and Users' snap in, it just does NOT have a DNS A record!
>> > >
>> > > Thank You!
>> > > --GM
>> > > --
>> > > To unsubscribe from this list go to the following URL and read the
>> > > instructions:  https://lists.samba.org/mailman/options/samba
>> > --
>> > To unsubscribe from this list go to the following URL and read the
>> > instructions:  https://lists.samba.org/mailman/options/samba
>> >
>>
>>
>>
>> --
>> Michael De Groote
>> ICT-coordinator Sint-Pietersschool Korbeek-Lo
>> ICT-support Sancta Maria Basisschool Leuven
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>
>


More information about the samba mailing list