[Samba] Ubuntu client ddns failure

L.P.H. van Belle belle at bazuin.nl
Tue May 20 07:52:46 MDT 2014 

not like this.  
>127.0.0.1    localhost 
>127.0.1.1    lubuntu-laptop.hh3.site    lubuntu-laptop

This is simply wrong, and cause by dhcp client at install. 

better... 
127.0.0.1    localhost 
192.168.1.22 lubuntu-laptop.hh3.site    lubuntu-laptop
for dedicated IP.  

Do you use resolvconf ( the packages, default is its used ) if so configure it. 
or configure /etc/network/interfaces  and add the dns-nameserver dns-search dns-domain. 
when dns-  is used resolvconf adds the info in /etc/resolv.conf


Louis




	
>-----Oorspronkelijk bericht-----
>Van: rowlandpenny at googlemail.com 
>[mailto:samba-bounces at lists.samba.org] Namens Rowland Penny
>Verzonden: dinsdag 20 mei 2014 15:36
>Aan: samba at lists.samba.org
>Onderwerp: Re: [Samba] Ubuntu client ddns failure
>
>On 20/05/14 14:12, steve wrote:
>> Hi
>> I'm trying to get an Ubuntu 14.04 client to update its rr to 
>a working 
>> bind dns DC with Samba 4.1.7. The setup is the same as with our 
>> openSUSE clients with sssd 1.11.15
>> sssd.conf
>> id_provider = ad
>> auth_provider = ad
>> access_provider = ad
>> ldap_id_mapping = False
>>
>> /etc/hosts
>> 127.0.0.1    lubuntu-laptop.hh3.site lubuntu-laptop
>> 127.0.1.1 localhost
>>
>Don't know if this is your problem, but you have got /etc/hosts wrong, 
>shouldn't it be:
>
>127.0.0.1    localhost
>127.0.1.1    lubuntu-laptop.hh3.site    lubuntu-laptop
>
>Rowland
>
>> But it is sending a request for the wrong zone:
>>
>> Kerberos: ENC-TS Pre-authentication succeeded -- 
>> LUBUNTU-LAPTOP$@HH3.SITE using arcfour-hmac-md5
>> Kerberos: AS-REQ authtime: 2014-05-20T14:01:35 starttime: unset 
>> endtime: 2014-05-21T00:01:35 renew till: 2014-05-21T14:01:35
>> Kerberos: Client supported enctypes: aes256-cts-hmac-sha1-96, 
>> aes128-cts-hmac-sha1-96, arcfour-hmac-md5, des3-cbc-sha1, 25, 26, 
>> using arcfour-hmac-md5/arcfour-hmac-md5
>> Kerberos: Requested flags: renewable-ok
>> Kerberos: TGS-REQ LUBUNTU-LAPTOP$@HH3.SITE from 
>> ipv4:192.168.1.22:40240 for ldap/hh16.hh3.site at HH3.SITE 
>[canonicalize, 
>> renewable]
>> Kerberos: TGS-REQ authtime: 2014-05-20T14:01:35 starttime: 
>> 2014-05-20T14:01:35 endtime: 2014-05-21T00:01:35 renew till: 
>> 2014-05-21T14:01:35
>> Terminating connection - 'kdc_tcp_call_loop: 
>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
>> single_terminate: reason[kdc_tcp_call_loop: 
>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
>> Kerberos: TGS-REQ LUBUNTU-LAPTOP$@HH3.SITE from 
>> ipv4:192.168.1.22:40241 for DNS/a.root-servers.net at HH3.SITE 
>> [canonicalize, renewable]
>> Kerberos: Searching referral for a.root-servers.net
>> Kerberos: Returning a referral to realm ROOT-SERVERS.NET for server 
>> DNS/a.root-servers.net at HH3.SITE that was not found
>> Failed find a single entry for 
>> 
>(&(objectClass=trustedDomain)(|(flatname=ROOT-SERVERS.NET)(trus
>tPartner=ROOT-SERVERS.NET))): 
>> got 0
>> Kerberos: samba_kdc_fetch: could not find principal in DB
>> Kerberos: Server not found in database: 
>> krbtgt/ROOT-SERVERS.NET at HH3.SITE: no such entry found in hdb
>> Kerberos: Failed building TGS-REP to ipv4:192.168.1.22:40241
>> Terminating connection - 'kdc_tcp_call_loop: 
>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
>> single_terminate: reason[kdc_tcp_call_loop: 
>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
>> Kerberos: TGS-REQ LUBUNTU-LAPTOP$@HH3.SITE from 
>> ipv4:192.168.1.22:40242 for DNS/a.root-servers.net at HH3.SITE 
>[renewable]
>> Kerberos: Server not found in database: 
>> DNS/a.root-servers.net at HH3.SITE: no such entry found in hdb
>> Kerberos: Failed building TGS-REP to ipv4:192.168.1.22:40242
>> Terminating connection - 'kdc_tcp_call_loop: 
>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
>> single_terminate: reason[kdc_tcp_call_loop: 
>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
>> Kerberos: TGS-REQ LUBUNTU-LAPTOP$@HH3.SITE from 
>> ipv4:192.168.1.22:40243 for DNS/a.root-servers.net at HH3.SITE 
>> [canonicalize, renewable]
>> Kerberos: Searching referral for a.root-servers.net
>> Kerberos: Returning a referral to realm ROOT-SERVERS.NET for server 
>> DNS/a.root-servers.net at HH3.SITE that was not found
>> Failed find a single entry for 
>> 
>(&(objectClass=trustedDomain)(|(flatname=ROOT-SERVERS.NET)(trus
>tPartner=ROOT-SERVERS.NET))): 
>> got 0
>> Kerberos: samba_kdc_fetch: could not find principal in DB
>> Kerberos: Server not found in database: 
>> krbtgt/ROOT-SERVERS.NET at HH3.SITE: no such entry found in hdb
>> Kerberos: Failed building TGS-REP to ipv4:192.168.1.22:40243
>> Terminating connection - 'kdc_tcp_call_loop: 
>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
>> single_terminate: reason[kdc_tcp_call_loop: 
>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
>> Kerberos: TGS-REQ LUBUNTU-LAPTOP$@HH3.SITE from 
>> ipv4:192.168.1.22:40244 for DNS/a.root-servers.net at HH3.SITE 
>[renewable]
>> Kerberos: Server not found in database: 
>> DNS/a.root-servers.net at HH3.SITE: no such entry found in hdb
>> Kerberos: Failed building TGS-REP to ipv4:192.168.1.22:40244
>>
>> The worrying thing is that we can still get tickets even 
>though it has 
>> the wrong A record in DNS.
>> What is this, 'a.root-servers.net' business? Why not our domain?
>> What have we overlooked?
>> Thanks,
>> Steve
>>
>
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  https://lists.samba.org/mailman/options/samba
>
>

More information about the samba mailing list