[Samba] Samba4 AD with bind DNS / TKEY is unacceptable

Stefan Schäfer ml at fsproductions.de
Mon Sep 16 00:26:48 MDT 2013

On 14.09.2013 07:18, Thomas Harold wrote:
> On 9/12/2013 2:00 AM, Stefan Schäfer wrote:
>> Sorry my English isn't as good as it should be. ;-)
>> On 12.09.2013 00:01, Patrick Gray wrote:
>>> Is your existing server SBS by any
>>> chance?
>> What's the meaning of this sentence?
> SBS = Small Business Server
> - Which was always a cut-down version of the full-blown Windows Server 
> with lots of restrictions.

In our tests it was a w2k3 Standard Server, but last weekend I tried to 
migrate a w2k3 sbs to samba 4.

I think that Patrick's question pointed at the differences in the LDAP 
structure for DNS zones between Standard and SBS.

With SBS it seems to be impossible to use bind with BIND9_DLZ driver as 
a nameserver. bind didn't find any DNS Records, but the samba internal 
DNS works.

With the internal DNS everything seems to work, just "samba_dnsupdate" 
didn't. It produces the same error message (dns_tkey_negotiategss: TKEY 
is unacceptable) as before in our tests.

Does anybody have any experiences with migration of w2k3 SBS to Samba4?

In my first tests I used VMs, every VM had two network interfaces, one internal for connection between the VMs and one bridged interface to my physical net. These tests resulted in the problems described above. I repeated the test with just one internal interface on every VM and everything worked. I think that the "double connection" between the VMs over the bridged network interfaces caused my problems.
