[Samba] Ubuntu client ddns failure
Andy Durant
adurant at vestec.com
Tue May 20 09:53:28 MDT 2014
If you can resolve by fqdn but not netbios name, you need a wins server.
Andy
On 5/20/2014 11:46 AM, steve wrote:
> On 20/05/14 17:21, Rowland Penny wrote:
>> On 20/05/14 16:03, steve wrote:
>>> On 20/05/14 16:50, L.P.H. van Belle wrote:
>>>> ok post.
>>>>
>>>> cat /etc/network/interfaces
>>> auto lo
>>> iface lo inet loopback
>>>
>>>> cat /etc/resolv.conf
>>> nameserver 192.168.1.16
>>> nameserver 127.0.1.1
>>> search hh3.site dragonet.es
>>>
>>>> cat /etc/nsswitch.conf
>>> passwd: compat sss
>>> group: compat sss
>>> shadow: compat
>>>
>>> #hosts: files dns mdns4_minimal [NOTFOUND=return] dns mdns4
>>> hosts: files dns
>>> networks: files
>>>
>>> protocols: db files
>>> services: db files
>>> ethers: db files
>>> rpc: db files
>>> automount: sss
>>> netgroup: nis sss
>>> sudoers: files sss
>>>
>>>
>>>> cat /etc/krb5.conf
>>> [libdefaults]
>>> default_realm = HH3.SITE
>>> dns_lookup_realm = false
>>> dns_lookup_kdc = true
>>>
>>>
>>>> cat /etc/dhcp/dhclient.conf
>>> option rfc3442-classless-static-routes code 121 = array of unsigned
>>> integer 8;
>>> send host-name = gethostname();
>>> request subnet-mask, broadcast-address, time-offset, routers,
>>> domain-name, domain-name-servers, domain-search, host-name,
>>> dhcp6.name-servers, dhcp6.domain-search,
>>> netbios-name-servers, netbios-scope, interface-mtu,
>>> rfc3442-classless-static-routes, ntp-servers,
>>> dhcp6.fqdn, dhcp6.sntp-servers;
>>>
>>>>
>>>> dpkg -l | egrep "avahi|resolv|bind"
>>> ii avahi-daemon 0.6.31-4ubuntu1 i386 Avahi
>>> mDNS/DNS-SD daemon
>>> ii bind9-host 1:9.9.5.dfsg-3 i386 Version
>>> of 'host' bundled with BIND 9.X
>>> ii gir1.2-gtk-3.0 3.10.8-0ubuntu1 i386 GTK+
>>> graphical user interface library -- gir bindings
>>> ii gir1.2-pango-1.0 1.36.3-1ubuntu1 i386 Layout
>>> and rendering of internationalized text - gir bindings
>>> ii libapparmor-perl 2.8.95~2430-0ubuntu5
>>> i386 AppArmor library Perl bindings
>>> ii libavahi-client3:i386 0.6.31-4ubuntu1 i386 Avahi
>>> client library
>>> ii libavahi-common-data:i386 0.6.31-4ubuntu1 i386 Avahi
>>> common data files
>>> ii libavahi-common3:i386 0.6.31-4ubuntu1 i386 Avahi
>>> common library
>>> ii libavahi-core7:i386 0.6.31-4ubuntu1 i386 Avahi's
>>> embeddable mDNS/DNS-SD library
>>> ii libavahi-glib1:i386 0.6.31-4ubuntu1 i386 Avahi
>>> GLib integration library
>>> ii libbind9-90 1:9.9.5.dfsg-3 i386 BIND9
>>> Shared Library used by BIND
>>> ii libc-ares2:i386 1.10.0-2 i386 asynchronous
>>> name resolver
>>> ii libgeoip1:i386 1.6.0-1 i386 non-DNS
>>> IP-to-country resolver library
>>> ii libgmpxx4ldbl:i386 2:5.1.3+dfsg-1ubuntu1
>>> i386 Multiprecision arithmetic library (C++ bindings)
>>> ii libindicator3-7 12.10.2+14.04.20140402-0ubuntu1 i386 panel
>>> indicator applet - shared library
>>> ii libindicator7 12.10.2+14.04.20140402-0ubuntu1 i386 panel
>>> indicator applet - shared library
>>> ii libnet-dbus-perl 1.0.0-2build1 i386 Perl
>>> extension for the DBus bindings
>>> ii libunity-protocol-private0:i386 7.1.4+14.04.20140210-0ubuntu1
>>> i386 binding to get places into the launcher - private
>>> library
>>> ii libunity-scopes-json-def-desktop 7.1.4+14.04.20140210-0ubuntu1
>>> all binding to get places into the launcher - desktop
>>> def file
>>> ii libunity9:i386 7.1.4+14.04.20140210-0ubuntu1 i386 binding to
>>> get places into the launcher - shared library
>>> ii libwbclient0:i386 2:4.1.6+dfsg-1ubuntu2.14.04.1 i386 Samba
>>> winbind client library
>>> ii python-cairo 1.8.8-1ubuntu5 i386 Python
>>> bindings for the Cairo vector graphics library
>>> ii python-cups 1.9.66-0ubuntu2 i386 Python
>>> bindings for CUPS
>>> ii python-gi 3.12.0-1 i386 Python
>>> 2.x bindings for gobject-introspection libraries
>>> ii python-gnomekeyring 2.32.0+dfsg-3 i386 Python
>>> bindings for the GNOME keyring library
>>> ii python-gobject 3.12.0-1 all Python
>>> 2.x bindings for GObject - transitional package
>>> ii python-gobject-2 2.28.6-12build1 i386
>>> deprecated static Python bindings for the GObject library
>>> ii python-gtk2 2.24.0-3ubuntu3 i386 Python
>>> bindings for the GTK+ widget set
>>> ii python-gudev 147.2-3 i386 Python
>>> bindings for gudev
>>> ii python-ldb 1:1.1.16-1 i386 Python
>>> bindings for LDB
>>> ii python-libxml2 2.9.1+dfsg1-3ubuntu4.1
>>> i386 Python bindings for the GNOME XML library
>>> ii python-notify 0.1.1-3ubuntu2 i386 Python
>>> bindings for libnotify
>>> ii python-ntdb 1.0-2ubuntu1 i386 Python
>>> bindings for NTDB
>>> ii python-pycurl 7.19.3-0ubuntu3 i386 Python
>>> bindings to libcurl
>>> ii python-samba 2:4.1.6+dfsg-1ubuntu2.14.04.1 i386 Python
>>> bindings for Samba
>>> ii python-smbc 1.0.14.1-0ubuntu2
>>> i386 Python bindings for Samba clients (libsmbclient)
>>> ii python-talloc 2.1.0-1 i386 hierarchical
>>> pool based memory allocator - Python bindings
>>> ii python-tdb 1.2.12-1 i386 Python
>>> bindings for TDB
>>> ii python-xklavier 0.4-4 i386 Python
>>> binding for libxklavier, an X Keyboard Extension API
>>> ii python3-commandnotfound 0.3ubuntu12 all Python 3
>>> bindings for command-not-found.
>>> ii python3-gi 3.12.0-1 i386 Python
>>> 3 bindings for gobject-introspection libraries
>>> ii python3-pycurl 7.19.3-0ubuntu3 i386 Python 3
>>> bindings to libcurl
>>> ii resolvconf 1.69ubuntu1 all name
>>> server information handler
>>> ii rpcbind 0.2.1-2ubuntu1 i386 converts
>>> RPC program numbers into universal addresses
>>>
>>> TIA, but be gentle. We're not very debianified down here;)
>>>
>>>
>>>>
>>>>
>>>>
>>>>> -----Oorspronkelijk bericht-----
>>>>> Van: steve at steve-ss.com [mailto:samba-bounces at lists.samba.org]
>>>>> Namens steve
>>>>> Verzonden: dinsdag 20 mei 2014 16:49
>>>>> Aan: samba at lists.samba.org
>>>>> Onderwerp: Re: [Samba] Ubuntu client ddns failure
>>>>>
>>>>> On 20/05/14 16:28, Rowland Penny wrote:
>>>>>> On 20/05/14 15:10, steve wrote:
>>>>>>> On 20/05/14 15:35, Rowland Penny wrote:
>>>>>>>> 127.0.0.1 localhost
>>>>>>>> 127.0.1.1 lubuntu-laptop.hh3.site lubuntu-laptop
>>>>>>>
>>>>>>> 'Fraid not. Now it's looking for 'LOCAL':
>>>>>>>
>>>>>>> Kerberos: ENC-TS Pre-authentication succeeded --
>>>>>>> LUBUNTU-LAPTOP$@HH3.SITE using arcfour-hmac-md5
>>>>>>> Kerberos: AS-REQ authtime: 2014-05-20T16:06:34 starttime: unset
>>>>>>> endtime: 2014-05-21T02:06:34 renew till: 2014-05-21T16:06:34
>>>>>>> Kerberos: Client supported enctypes: aes256-cts-hmac-sha1-96,
>>>>>>> aes128-cts-hmac-sha1-96, arcfour-hmac-md5, des3-cbc-sha1, 25, 26,
>>>>>>> using arcfour-hmac-md5/arcfour-hmac-md5
>>>>>>> Kerberos: Requested flags: renewable-ok
>>>>>>> Kerberos: TGS-REQ LUBUNTU-LAPTOP$@HH3.SITE from
>>>>>>> ipv4:192.168.1.22:58376 for ldap/hh16.local at HH3.SITE [canonicalize,
>>>>>>> renewable]
>>>>>>> Kerberos: Searching referral for hh16.local
>>>>>>> Kerberos: Returning a referral to realm LOCAL for server
>>>>>>> ldap/hh16.local at HH3.SITE that was not found
>>>>>>> Failed find a single entry for
>>>>>>>
>>>>> (&(objectClass=trustedDomain)(|(flatname=LOCAL)(trustPartner=LOCAL))):
>>>>>
>>>>>>> got 0
>>>>>>> Kerberos: samba_kdc_fetch: could not find principal in DB
>>>>>>>
>>>>>>> and sssd just gives up:
>>>>>>> (Tue May 20 16:09:14 2014) [sssd[be[hh3.site]]] [sasl_bind_send]
>>>>>>> (0x0080): Extended failure message: [SASL(-1): generic
>>>>> failure: GSSAPI
>>>>>>> Error: Unspecified GSS failure. Minor code may provide more
>>>>>>> information (Server not found in Kerberos database)]
>>>>>>> (Tue May 20 16:09:14 2014) [sssd[be[hh3.site]]] [be_run_offline_cb]
>>>>>>> (0x0080): Going offline. Running callbacks.
>>>>>>> (Tue May 20 16:09:14 2014) [sssd[be[hh3.site]]]
>>>>>>> [ad_subdomains_get_conn_done] (0x0080): No AD server is available,
>>>>>>> cannot get the subdomain list while offline
>>>>>>>
>>>>>>>
>>>>>> OK, so where does 'LOCAL' come from ??
>>>>>>
>>>>>> Try this on the client:
>>>>>>
>>>>>> nano /etc/nsswitch.conf
>>>>>>
>>>>>> Change:
>>>>>>
>>>>>> hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
>>>>>>
>>>>>> To:
>>>>>>
>>>>>> hosts: files dns
>>>>>>
>>>>>> See if that cures your problems.
>>>>>>
>>>>>> Rowland
>>>>>>
>>>>> No:( It's insisting on the a.root.servers
>>>>>
>>>>> --
>>>>> To unsubscribe from this list go to the following URL and read the
>>>>> instructions: https://lists.samba.org/mailman/options/samba
>>>>>
>>>>>
>>>>
>>>
>> OK, the only difference that I can see between your laptops settings and
>> mine is /etc/resolv.conf. As I said mine is written by the resolvconf
>> package and only has this in it:
>>
>> # Dynamic resolv.conf(5) file for glibc resolver(3) generated by
>> resolvconf(8)
>> # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
>> nameserver 192.168.0.5
>> search example.com
>>
>> 192.168.0.5 is the DC that samba4, Bind9 & DHCP are running on
>> example.com is the samba4 domain name
>>
>> Could you try setting your resolv.conf to be similar to this, one
>> nameserver and one search domain.
>>
>> Rowland
>>
> Yep. Still looks out to root.servers:(
>
> Narrowing it down a bit:
> dig lubuntu-laptop:
> looks out to root.servers
>
> dig lubuntu-laptop.hh3.site
> resolves correctly to named on the DC
>
> fqdn works, short hostname, nada.
>
> Give up?
> Cheers,
> Steve
>
More information about the samba
mailing list