[Samba] Ubuntu client ddns failure

Rowland Penny rowlandpenny at googlemail.com
Tue May 20 09:21:26 MDT 2014 

On 20/05/14 16:03, steve wrote:
> On 20/05/14 16:50, L.P.H. van Belle wrote:
>> ok post.
>>
>> cat /etc/network/interfaces
> auto lo
> iface lo inet loopback
>
>> cat /etc/resolv.conf
> nameserver 192.168.1.16
> nameserver 127.0.1.1
> search hh3.site dragonet.es
>
>> cat /etc/nsswitch.conf
> passwd:         compat sss
> group:          compat sss
> shadow:         compat
>
> #hosts:          files dns mdns4_minimal [NOTFOUND=return] dns mdns4
> hosts:          files dns
> networks:       files
>
> protocols:      db files
> services:       db files
> ethers:         db files
> rpc:            db files
> automount:    sss
> netgroup:       nis sss
> sudoers:        files sss
>
>
>> cat /etc/krb5.conf
> [libdefaults]
>         default_realm = HH3.SITE
>         dns_lookup_realm = false
>         dns_lookup_kdc = true
>
>
>> cat /etc/dhcp/dhclient.conf
> option rfc3442-classless-static-routes code 121 = array of unsigned 
> integer 8;
> send host-name = gethostname();
> request subnet-mask, broadcast-address, time-offset, routers,
>     domain-name, domain-name-servers, domain-search, host-name,
>     dhcp6.name-servers, dhcp6.domain-search,
>     netbios-name-servers, netbios-scope, interface-mtu,
>     rfc3442-classless-static-routes, ntp-servers,
>     dhcp6.fqdn, dhcp6.sntp-servers;
>
>>
>> dpkg -l | egrep "avahi|resolv|bind"
> ii  avahi-daemon                         0.6.31-4ubuntu1 i386         
> Avahi mDNS/DNS-SD daemon
> ii  bind9-host                           1:9.9.5.dfsg-3 i386         
> Version of 'host' bundled with BIND 9.X
> ii  gir1.2-gtk-3.0                       3.10.8-0ubuntu1 i386         
> GTK+ graphical user interface library -- gir bindings
> ii  gir1.2-pango-1.0                     1.36.3-1ubuntu1 i386         
> Layout and rendering of internationalized text - gir bindings
> ii  libapparmor-perl                     2.8.95~2430-0ubuntu5       
> i386         AppArmor library Perl bindings
> ii  libavahi-client3:i386                0.6.31-4ubuntu1 i386         
> Avahi client library
> ii  libavahi-common-data:i386            0.6.31-4ubuntu1 i386         
> Avahi common data files
> ii  libavahi-common3:i386                0.6.31-4ubuntu1 i386         
> Avahi common library
> ii  libavahi-core7:i386                  0.6.31-4ubuntu1 i386         
> Avahi's embeddable mDNS/DNS-SD library
> ii  libavahi-glib1:i386                  0.6.31-4ubuntu1 i386         
> Avahi GLib integration library
> ii  libbind9-90                          1:9.9.5.dfsg-3 i386         
> BIND9 Shared Library used by BIND
> ii  libc-ares2:i386                      1.10.0-2 i386         
> asynchronous name resolver
> ii  libgeoip1:i386                       1.6.0-1 i386         non-DNS 
> IP-to-country resolver library
> ii  libgmpxx4ldbl:i386                   2:5.1.3+dfsg-1ubuntu1       
> i386         Multiprecision arithmetic library (C++ bindings)
> ii  libindicator3-7 12.10.2+14.04.20140402-0ubuntu1      i386         
> panel indicator applet - shared library
> ii  libindicator7 12.10.2+14.04.20140402-0ubuntu1      i386         
> panel indicator applet - shared library
> ii  libnet-dbus-perl                     1.0.0-2build1 i386         
> Perl extension for the DBus bindings
> ii  libunity-protocol-private0:i386 7.1.4+14.04.20140210-0ubuntu1 
>       i386         binding to get places into the launcher - private 
> library
> ii  libunity-scopes-json-def-desktop 7.1.4+14.04.20140210-0ubuntu1 
>       all          binding to get places into the launcher - desktop 
> def file
> ii  libunity9:i386 7.1.4+14.04.20140210-0ubuntu1       i386         
> binding to get places into the launcher - shared library
> ii  libwbclient0:i386 2:4.1.6+dfsg-1ubuntu2.14.04.1       i386         
> Samba winbind client library
> ii  python-cairo                         1.8.8-1ubuntu5 i386         
> Python bindings for the Cairo vector graphics library
> ii  python-cups                          1.9.66-0ubuntu2 i386         
> Python bindings for CUPS
> ii  python-gi                            3.12.0-1 i386         Python 
> 2.x bindings for gobject-introspection libraries
> ii  python-gnomekeyring                  2.32.0+dfsg-3 i386         
> Python bindings for the GNOME keyring library
> ii  python-gobject                       3.12.0-1 all          Python 
> 2.x bindings for GObject - transitional package
> ii  python-gobject-2                     2.28.6-12build1 i386         
> deprecated static Python bindings for the GObject library
> ii  python-gtk2                          2.24.0-3ubuntu3 i386         
> Python bindings for the GTK+ widget set
> ii  python-gudev                         147.2-3 i386         Python 
> bindings for gudev
> ii  python-ldb                           1:1.1.16-1 i386         
> Python bindings for LDB
> ii  python-libxml2                       2.9.1+dfsg1-3ubuntu4.1       
> i386         Python bindings for the GNOME XML library
> ii  python-notify                        0.1.1-3ubuntu2 i386         
> Python bindings for libnotify
> ii  python-ntdb                          1.0-2ubuntu1 i386         
> Python bindings for NTDB
> ii  python-pycurl                        7.19.3-0ubuntu3 i386         
> Python bindings to libcurl
> ii  python-samba 2:4.1.6+dfsg-1ubuntu2.14.04.1       i386         
> Python bindings for Samba
> ii  python-smbc                          1.0.14.1-0ubuntu2 
> i386         Python bindings for Samba clients (libsmbclient)
> ii  python-talloc                        2.1.0-1 i386         
> hierarchical pool based memory allocator - Python bindings
> ii  python-tdb                           1.2.12-1 i386         Python 
> bindings for TDB
> ii  python-xklavier                      0.4-4       i386 Python 
> binding for libxklavier, an X Keyboard Extension API
> ii  python3-commandnotfound              0.3ubuntu12 all          
> Python 3 bindings for command-not-found.
> ii  python3-gi                           3.12.0-1 i386         Python 
> 3 bindings for gobject-introspection libraries
> ii  python3-pycurl                       7.19.3-0ubuntu3 i386         
> Python 3 bindings to libcurl
> ii  resolvconf                           1.69ubuntu1 all          name 
> server information handler
> ii  rpcbind                              0.2.1-2ubuntu1 i386         
> converts RPC program numbers into universal addresses
>
> TIA, but be gentle. We're not very debianified down here;)
>
>
>>
>>
>>
>>> -----Oorspronkelijk bericht-----
>>> Van: steve at steve-ss.com [mailto:samba-bounces at lists.samba.org]
>>> Namens steve
>>> Verzonden: dinsdag 20 mei 2014 16:49
>>> Aan: samba at lists.samba.org
>>> Onderwerp: Re: [Samba] Ubuntu client ddns failure
>>>
>>> On 20/05/14 16:28, Rowland Penny wrote:
>>>> On 20/05/14 15:10, steve wrote:
>>>>> On 20/05/14 15:35, Rowland Penny wrote:
>>>>>> 127.0.0.1    localhost
>>>>>> 127.0.1.1    lubuntu-laptop.hh3.site    lubuntu-laptop
>>>>>
>>>>> 'Fraid not. Now it's looking for 'LOCAL':
>>>>>
>>>>> Kerberos: ENC-TS Pre-authentication succeeded --
>>>>> LUBUNTU-LAPTOP$@HH3.SITE using arcfour-hmac-md5
>>>>> Kerberos: AS-REQ authtime: 2014-05-20T16:06:34 starttime: unset
>>>>> endtime: 2014-05-21T02:06:34 renew till: 2014-05-21T16:06:34
>>>>> Kerberos: Client supported enctypes: aes256-cts-hmac-sha1-96,
>>>>> aes128-cts-hmac-sha1-96, arcfour-hmac-md5, des3-cbc-sha1, 25, 26,
>>>>> using arcfour-hmac-md5/arcfour-hmac-md5
>>>>> Kerberos: Requested flags: renewable-ok
>>>>> Kerberos: TGS-REQ LUBUNTU-LAPTOP$@HH3.SITE from
>>>>> ipv4:192.168.1.22:58376 for ldap/hh16.local at HH3.SITE [canonicalize,
>>>>> renewable]
>>>>> Kerberos: Searching referral for hh16.local
>>>>> Kerberos: Returning a referral to realm LOCAL for server
>>>>> ldap/hh16.local at HH3.SITE that was not found
>>>>> Failed find a single entry for
>>>>>
>>> (&(objectClass=trustedDomain)(|(flatname=LOCAL)(trustPartner=LOCAL))):
>>>>> got 0
>>>>> Kerberos: samba_kdc_fetch: could not find principal in DB
>>>>>
>>>>> and sssd just gives up:
>>>>> (Tue May 20 16:09:14 2014) [sssd[be[hh3.site]]] [sasl_bind_send]
>>>>> (0x0080): Extended failure message: [SASL(-1): generic
>>> failure: GSSAPI
>>>>> Error: Unspecified GSS failure. Minor code may provide more
>>>>> information (Server not found in Kerberos database)]
>>>>> (Tue May 20 16:09:14 2014) [sssd[be[hh3.site]]] [be_run_offline_cb]
>>>>> (0x0080): Going offline. Running callbacks.
>>>>> (Tue May 20 16:09:14 2014) [sssd[be[hh3.site]]]
>>>>> [ad_subdomains_get_conn_done] (0x0080): No AD server is available,
>>>>> cannot get the subdomain list while offline
>>>>>
>>>>>
>>>> OK, so where does 'LOCAL' come from ??
>>>>
>>>> Try this on the client:
>>>>
>>>> nano /etc/nsswitch.conf
>>>>
>>>> Change:
>>>>
>>>> hosts:          files mdns4_minimal [NOTFOUND=return] dns mdns4
>>>>
>>>> To:
>>>>
>>>> hosts:          files dns
>>>>
>>>> See if that cures your problems.
>>>>
>>>> Rowland
>>>>
>>> No:( It's insisting on the a.root.servers
>>>
>>> -- 
>>> To unsubscribe from this list go to the following URL and read the
>>> instructions:  https://lists.samba.org/mailman/options/samba
>>>
>>>
>>
>
OK, the only difference that I can see between your laptops settings and 
mine is /etc/resolv.conf. As I said mine is written by the resolvconf 
package and only has this in it:

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by 
resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 192.168.0.5
search example.com

192.168.0.5 is the DC that samba4, Bind9 & DHCP are running on
example.com is the samba4 domain name

Could you try setting your resolv.conf to be similar to this, one 
nameserver and one search domain.

Rowland

More information about the samba mailing list