[Samba] Ubuntu client ddns failure
Rowland Penny
rowlandpenny at googlemail.com
Tue May 20 08:34:37 MDT 2014
On 20/05/14 15:25, L.P.H. van Belle wrote:
> so what is you dhcp server sending as default.
> Is there also domain/dns/search part in the main config and not only in the subnet part?
>
>
>
>
>> -----Oorspronkelijk bericht-----
>> Van: steve at steve-ss.com [mailto:samba-bounces at lists.samba.org]
>> Namens steve
>> Verzonden: dinsdag 20 mei 2014 16:26
>> Aan: samba at lists.samba.org
>> Onderwerp: Re: [Samba] Ubuntu client ddns failure
>>
>> On 20/05/14 16:10, Rowland Penny wrote:
>>> On 20/05/14 14:52, L.P.H. van Belle wrote:
>>>> not like this.
>>>>> 127.0.0.1 localhost
>>>>> 127.0.1.1 lubuntu-laptop.hh3.site lubuntu-laptop
>>>> This is simply wrong, and cause by dhcp client at install.
>>> This is working for me on my laptop!
>>>
>>>> better...
>>>> 127.0.0.1 localhost
>>>> 192.168.1.22 lubuntu-laptop.hh3.site lubuntu-laptop
>>>> for dedicated IP.
>>> Doing this is amounts to setting a fixed ip and what would
>> happen if you
>>> went somewhere else and got a different ipaddress via dhcp ??
>> Exactly. We tried it anyway. Same problem. We have a tgt, but we're
>> asking for DNS/a.root-servers.net at HH3.SITE instead of our own domain:
>> DNS/hh3.site at HH3.SITE
>>
>> How do we get it to ask for the spn on our own domain? As do our
>> openSUSE boxes.
>>
>> Strange.
>>
>>> Rowland
>>>
>>>> Do you use resolvconf ( the packages, default is its used ) if so
>>>> configure it.
>>>> or configure /etc/network/interfaces and add the dns-nameserver
>>>> dns-search dns-domain.
>>>> when dns- is used resolvconf adds the info in /etc/resolv.conf
>>>>
>>>>
>>>> Louis
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>> -----Oorspronkelijk bericht-----
>>>>> Van: rowlandpenny at googlemail.com
>>>>> [mailto:samba-bounces at lists.samba.org] Namens Rowland Penny
>>>>> Verzonden: dinsdag 20 mei 2014 15:36
>>>>> Aan: samba at lists.samba.org
>>>>> Onderwerp: Re: [Samba] Ubuntu client ddns failure
>>>>>
>>>>> On 20/05/14 14:12, steve wrote:
>>>>>> Hi
>>>>>> I'm trying to get an Ubuntu 14.04 client to update its rr to
>>>>> a working
>>>>>> bind dns DC with Samba 4.1.7. The setup is the same as with our
>>>>>> openSUSE clients with sssd 1.11.15
>>>>>> sssd.conf
>>>>>> id_provider = ad
>>>>>> auth_provider = ad
>>>>>> access_provider = ad
>>>>>> ldap_id_mapping = False
>>>>>>
>>>>>> /etc/hosts
>>>>>> 127.0.0.1 lubuntu-laptop.hh3.site lubuntu-laptop
>>>>>> 127.0.1.1 localhost
>>>>>>
>>>>> Don't know if this is your problem, but you have got
>> /etc/hosts wrong,
>>>>> shouldn't it be:
>>>>>
>>>>> 127.0.0.1 localhost
>>>>> 127.0.1.1 lubuntu-laptop.hh3.site lubuntu-laptop
>>>>>
>>>>> Rowland
>>>>>
>>>>>> But it is sending a request for the wrong zone:
>>>>>>
>>>>>> Kerberos: ENC-TS Pre-authentication succeeded --
>>>>>> LUBUNTU-LAPTOP$@HH3.SITE using arcfour-hmac-md5
>>>>>> Kerberos: AS-REQ authtime: 2014-05-20T14:01:35 starttime: unset
>>>>>> endtime: 2014-05-21T00:01:35 renew till: 2014-05-21T14:01:35
>>>>>> Kerberos: Client supported enctypes: aes256-cts-hmac-sha1-96,
>>>>>> aes128-cts-hmac-sha1-96, arcfour-hmac-md5, des3-cbc-sha1, 25, 26,
>>>>>> using arcfour-hmac-md5/arcfour-hmac-md5
>>>>>> Kerberos: Requested flags: renewable-ok
>>>>>> Kerberos: TGS-REQ LUBUNTU-LAPTOP$@HH3.SITE from
>>>>>> ipv4:192.168.1.22:40240 for ldap/hh16.hh3.site at HH3.SITE
>>>>> [canonicalize,
>>>>>> renewable]
>>>>>> Kerberos: TGS-REQ authtime: 2014-05-20T14:01:35 starttime:
>>>>>> 2014-05-20T14:01:35 endtime: 2014-05-21T00:01:35 renew till:
>>>>>> 2014-05-21T14:01:35
>>>>>> Terminating connection - 'kdc_tcp_call_loop:
>>>>>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
>>>>>> single_terminate: reason[kdc_tcp_call_loop:
>>>>>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
>>>>>> Kerberos: TGS-REQ LUBUNTU-LAPTOP$@HH3.SITE from
>>>>>> ipv4:192.168.1.22:40241 for DNS/a.root-servers.net at HH3.SITE
>>>>>> [canonicalize, renewable]
>>>>>> Kerberos: Searching referral for a.root-servers.net
>>>>>> Kerberos: Returning a referral to realm ROOT-SERVERS.NET
>> for server
>>>>>> DNS/a.root-servers.net at HH3.SITE that was not found
>>>>>> Failed find a single entry for
>>>>>>
>>>>> (&(objectClass=trustedDomain)(|(flatname=ROOT-SERVERS.NET)(trus
>>>>> tPartner=ROOT-SERVERS.NET))):
>>>>>> got 0
>>>>>> Kerberos: samba_kdc_fetch: could not find principal in DB
>>>>>> Kerberos: Server not found in database:
>>>>>> krbtgt/ROOT-SERVERS.NET at HH3.SITE: no such entry found in hdb
>>>>>> Kerberos: Failed building TGS-REP to ipv4:192.168.1.22:40241
>>>>>> Terminating connection - 'kdc_tcp_call_loop:
>>>>>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
>>>>>> single_terminate: reason[kdc_tcp_call_loop:
>>>>>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
>>>>>> Kerberos: TGS-REQ LUBUNTU-LAPTOP$@HH3.SITE from
>>>>>> ipv4:192.168.1.22:40242 for DNS/a.root-servers.net at HH3.SITE
>>>>> [renewable]
>>>>>> Kerberos: Server not found in database:
>>>>>> DNS/a.root-servers.net at HH3.SITE: no such entry found in hdb
>>>>>> Kerberos: Failed building TGS-REP to ipv4:192.168.1.22:40242
>>>>>> Terminating connection - 'kdc_tcp_call_loop:
>>>>>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
>>>>>> single_terminate: reason[kdc_tcp_call_loop:
>>>>>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
>>>>>> Kerberos: TGS-REQ LUBUNTU-LAPTOP$@HH3.SITE from
>>>>>> ipv4:192.168.1.22:40243 for DNS/a.root-servers.net at HH3.SITE
>>>>>> [canonicalize, renewable]
>>>>>> Kerberos: Searching referral for a.root-servers.net
>>>>>> Kerberos: Returning a referral to realm ROOT-SERVERS.NET
>> for server
>>>>>> DNS/a.root-servers.net at HH3.SITE that was not found
>>>>>> Failed find a single entry for
>>>>>>
>>>>> (&(objectClass=trustedDomain)(|(flatname=ROOT-SERVERS.NET)(trus
>>>>> tPartner=ROOT-SERVERS.NET))):
>>>>>> got 0
>>>>>> Kerberos: samba_kdc_fetch: could not find principal in DB
>>>>>> Kerberos: Server not found in database:
>>>>>> krbtgt/ROOT-SERVERS.NET at HH3.SITE: no such entry found in hdb
>>>>>> Kerberos: Failed building TGS-REP to ipv4:192.168.1.22:40243
>>>>>> Terminating connection - 'kdc_tcp_call_loop:
>>>>>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
>>>>>> single_terminate: reason[kdc_tcp_call_loop:
>>>>>> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
>>>>>> Kerberos: TGS-REQ LUBUNTU-LAPTOP$@HH3.SITE from
>>>>>> ipv4:192.168.1.22:40244 for DNS/a.root-servers.net at HH3.SITE
>>>>> [renewable]
>>>>>> Kerberos: Server not found in database:
>>>>>> DNS/a.root-servers.net at HH3.SITE: no such entry found in hdb
>>>>>> Kerberos: Failed building TGS-REP to ipv4:192.168.1.22:40244
>>>>>>
>>>>>> The worrying thing is that we can still get tickets even
>>>>> though it has
>>>>>> the wrong A record in DNS.
>>>>>> What is this, 'a.root-servers.net' business? Why not our domain?
>>>>>> What have we overlooked?
>>>>>> Thanks,
>>>>>> Steve
>>>>>>
>>>>> --
>>>>> To unsubscribe from this list go to the following URL and read the
>>>>> instructions: https://lists.samba.org/mailman/options/samba
>>>>>
>>>>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>>
Hi Louis, My laptop runs Linux Mint 15 and the only thing I altered
after install was the '127.0.1.1' line in /etc/hosts.
Also, you know what my DHCP server sends!
Rowland
More information about the samba
mailing list