[Samba] Ubuntu DC dns update failure

Davor Vusir davortvusir at gmail.com
Thu Jun 5 14:03:07 MDT 2014 

In my working ubuntu 14.04 and Samba 4.1.8 the configurations that differ
are:

/etc/hosts
127.0.0.1 palmera.altea.site palmera localhost localhost.localdomain
192.168.1.132 palmera.altea.site palmera

and that the [realm] part in /etc/krb5.conf is missing.

Regards
Davor
 Den 5 jun 2014 20:38 skrev "steve" <steve at steve-ss.com>:

> Hi
> Lubuntu 14.04 with bind9 and the samba 4.1.8 tarball
> All seems well. However, 2 errors:
>
> 1. upon starting samba:
> samba: setproctitle not initialized, please either call
> setproctitle_init() or link against libbsd-ctor.
>
> 2. samba_dnsupdate
> - error from samba:
> ../source4/dsdb/dns/dns_update.c:294: Failed DNS update -
> NT_STATUS_IO_TIMEOUT
>
> - error whilst running samba_dnsupdate:
> Looking for DNS entry SRV
> _gc._tcp.default-first-site-name._sites.altea.site palmera.altea.site
> 3268 as _gc._tcp.default-first-site-name._sites.altea.site.
> Checking 0 100 3268 palmera.altea.site. against SRV
> _gc._tcp.default-first-site-name._sites.altea.site palmera.altea.site
> 3268
> Traceback (most recent call last):
>   File "/usr/local/samba/sbin/samba_dnsupdate", line 510, in <module>
>     get_credentials(lp)
>   File "/usr/local/samba/sbin/samba_dnsupdate", line 123, in
> get_credentials
>     raise e
> RuntimeError: kinit for PALMERA$@ALTEA.SITE failed (Cannot contact any
> KDC for requested realm)
>
> /etc/hosts
> 127.0.0.1 localhost
> 192.168.1.132 palmera.altea.site palmera
>
> /etc/resolv.conf
> nameserver 192.168.1.132
> search altea.site
>
> /etc/hostname
> palmera.altea.site
>
>  /etc/krb5.conf
> [libdefaults]
>         default_realm = ALTEA.SITE
>         dns_lookup_realm = false
>         dns_lookup_kdc = true
> [realms]
>   ALTEA.SITE = {
>   kdc = palmera.altea.site:88
>  }
>
> apparmor is not running
>
>
> hostname -d -s and -d all return correctly
> bind 9 loads the samba_dlz partitions OK
> all the dns checks in the howto pass OK
>
> It seems that it's failing getting a ticket using the machine key,
> however we can kinit using secrets.keytab fine.
>
> Here is private:
> drwxrwx--- 3 bind bind    4096 jun  5 18:41 dns
> -rw-r----- 1 bind bind     742 jun  5 18:41 dns.keytab
> -rw-r--r-- 1 root root    2270 jun  5 18:41 dns_update_list
> -rw------- 1 root root 1286144 jun  5 18:40 hklm.ldb
> -rw------- 1 root root 1609728 jun  5 19:25 idmap.ldb
> -rw-r--r-- 1 root root      91 jun  5 18:41 krb5.conf
> srwxrwxrwx 1 root root       0 jun  5 20:33 ldapi
> drwxr-x--- 2 root root    4096 jun  5 20:33 ldap_priv
> -rw-r--r-- 1 root bind     555 jun  5 19:22 named.conf
> -rw-r--r-- 1 root root     555 jun  5 19:21 named.conf~
> -r--r--r-- 1 root root     220 jun  5 18:52 named.conf.update
> -rw-r--r-- 1 root root    2212 jun  5 18:41 named.txt
> -rw------- 1 root root 1286144 jun  5 18:40 privilege.ldb
> -rw------- 1 root root     696 jun  5 18:52 randseed.tdb
> -rw------- 1 root root 4251648 jun  5 18:41 sam.ldb
> drwxr-x--- 2 root bind    4096 jun  5 18:41 sam.ldb.d
> -rw------- 1 root root     696 jun  5 20:32 schannel_store.tdb
> -rw------- 1 root bind    1082 jun  5 18:41 secrets.keytab
> -rw------- 1 root root 1286144 jun  5 18:41 secrets.ldb
> -rw------- 1 root root  430080 jun  5 20:33 secrets.tdb
> -rw------- 1 root root 1286144 jun  5 18:40 share.ldb
> drwxr-xr-x 3 root root    4096 jun  5 18:52 smbd.tmp
> -rw-r--r-- 1 root root     955 jun  5 18:41 spn_update_list
> drwx------ 2 root root    4096 jun  5 18:52 tls
>
> Any ideas anyone?
> Cheers,
> Steve
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list