[Samba] Ubuntu client ddns failure
steve
steve at steve-ss.com
Tue May 20 10:15:22 MDT 2014
On 20/05/14 17:58, Rowland Penny wrote:
> On 20/05/14 16:46, steve wrote:
>> On 20/05/14 17:21, Rowland Penny wrote:
>>> On 20/05/14 16:03, steve wrote:
>>>> On 20/05/14 16:50, L.P.H. van Belle wrote:
>>>>> ok post.
>>>>>
>>>>> cat /etc/network/interfaces
>>>> auto lo
>>>> iface lo inet loopback
>>>>
>>>>> cat /etc/resolv.conf
>>>> nameserver 192.168.1.16
>>>> nameserver 127.0.1.1
>>>> search hh3.site dragonet.es
>>>>
>>>>> cat /etc/nsswitch.conf
>>>> passwd: compat sss
>>>> group: compat sss
>>>> shadow: compat
>>>>
>>>> #hosts: files dns mdns4_minimal [NOTFOUND=return] dns mdns4
>>>> hosts: files dns
>>>> networks: files
>>>>
>>>> protocols: db files
>>>> services: db files
>>>> ethers: db files
>>>> rpc: db files
>>>> automount: sss
>>>> netgroup: nis sss
>>>> sudoers: files sss
>>>>
>>>>
>>>>> cat /etc/krb5.conf
>>>> [libdefaults]
>>>> default_realm = HH3.SITE
>>>> dns_lookup_realm = false
>>>> dns_lookup_kdc = true
>>>>
>>>>
>>>>> cat /etc/dhcp/dhclient.conf
>>>> option rfc3442-classless-static-routes code 121 = array of unsigned
>>>> integer 8;
>>>> send host-name = gethostname();
>>>> request subnet-mask, broadcast-address, time-offset, routers,
>>>> domain-name, domain-name-servers, domain-search, host-name,
>>>> dhcp6.name-servers, dhcp6.domain-search,
>>>> netbios-name-servers, netbios-scope, interface-mtu,
>>>> rfc3442-classless-static-routes, ntp-servers,
>>>> dhcp6.fqdn, dhcp6.sntp-servers;
>>>>
>>>>>
>>>>> dpkg -l | egrep "avahi|resolv|bind"
>>>> ii avahi-daemon 0.6.31-4ubuntu1 i386 Avahi
>>>> mDNS/DNS-SD daemon
>>>> ii bind9-host 1:9.9.5.dfsg-3 i386 Version
>>>> of 'host' bundled with BIND 9.X
>>>> ii gir1.2-gtk-3.0 3.10.8-0ubuntu1 i386 GTK+
>>>> graphical user interface library -- gir bindings
>>>> ii gir1.2-pango-1.0 1.36.3-1ubuntu1 i386 Layout
>>>> and rendering of internationalized text - gir bindings
>>>> ii libapparmor-perl 2.8.95~2430-0ubuntu5
>>>> i386 AppArmor library Perl bindings
>>>> ii libavahi-client3:i386 0.6.31-4ubuntu1 i386 Avahi
>>>> client library
>>>> ii libavahi-common-data:i386 0.6.31-4ubuntu1 i386 Avahi
>>>> common data files
>>>> ii libavahi-common3:i386 0.6.31-4ubuntu1 i386 Avahi
>>>> common library
>>>> ii libavahi-core7:i386 0.6.31-4ubuntu1 i386 Avahi's
>>>> embeddable mDNS/DNS-SD library
>>>> ii libavahi-glib1:i386 0.6.31-4ubuntu1 i386 Avahi
>>>> GLib integration library
>>>> ii libbind9-90 1:9.9.5.dfsg-3 i386 BIND9
>>>> Shared Library used by BIND
>>>> ii libc-ares2:i386 1.10.0-2 i386 asynchronous
>>>> name resolver
>>>> ii libgeoip1:i386 1.6.0-1 i386 non-DNS
>>>> IP-to-country resolver library
>>>> ii libgmpxx4ldbl:i386 2:5.1.3+dfsg-1ubuntu1
>>>> i386 Multiprecision arithmetic library (C++ bindings)
>>>> ii libindicator3-7 12.10.2+14.04.20140402-0ubuntu1 i386 panel
>>>> indicator applet - shared library
>>>> ii libindicator7 12.10.2+14.04.20140402-0ubuntu1 i386 panel
>>>> indicator applet - shared library
>>>> ii libnet-dbus-perl 1.0.0-2build1 i386 Perl
>>>> extension for the DBus bindings
>>>> ii libunity-protocol-private0:i386 7.1.4+14.04.20140210-0ubuntu1
>>>> i386 binding to get places into the launcher - private
>>>> library
>>>> ii libunity-scopes-json-def-desktop 7.1.4+14.04.20140210-0ubuntu1
>>>> all binding to get places into the launcher - desktop
>>>> def file
>>>> ii libunity9:i386 7.1.4+14.04.20140210-0ubuntu1 i386 binding to
>>>> get places into the launcher - shared library
>>>> ii libwbclient0:i386 2:4.1.6+dfsg-1ubuntu2.14.04.1 i386 Samba
>>>> winbind client library
>>>> ii python-cairo 1.8.8-1ubuntu5 i386 Python
>>>> bindings for the Cairo vector graphics library
>>>> ii python-cups 1.9.66-0ubuntu2 i386 Python
>>>> bindings for CUPS
>>>> ii python-gi 3.12.0-1 i386 Python
>>>> 2.x bindings for gobject-introspection libraries
>>>> ii python-gnomekeyring 2.32.0+dfsg-3 i386 Python
>>>> bindings for the GNOME keyring library
>>>> ii python-gobject 3.12.0-1 all Python
>>>> 2.x bindings for GObject - transitional package
>>>> ii python-gobject-2 2.28.6-12build1 i386
>>>> deprecated static Python bindings for the GObject library
>>>> ii python-gtk2 2.24.0-3ubuntu3 i386 Python
>>>> bindings for the GTK+ widget set
>>>> ii python-gudev 147.2-3 i386 Python
>>>> bindings for gudev
>>>> ii python-ldb 1:1.1.16-1 i386 Python
>>>> bindings for LDB
>>>> ii python-libxml2 2.9.1+dfsg1-3ubuntu4.1
>>>> i386 Python bindings for the GNOME XML library
>>>> ii python-notify 0.1.1-3ubuntu2 i386 Python
>>>> bindings for libnotify
>>>> ii python-ntdb 1.0-2ubuntu1 i386 Python
>>>> bindings for NTDB
>>>> ii python-pycurl 7.19.3-0ubuntu3 i386 Python
>>>> bindings to libcurl
>>>> ii python-samba 2:4.1.6+dfsg-1ubuntu2.14.04.1 i386 Python
>>>> bindings for Samba
>>>> ii python-smbc 1.0.14.1-0ubuntu2
>>>> i386 Python bindings for Samba clients (libsmbclient)
>>>> ii python-talloc 2.1.0-1 i386 hierarchical
>>>> pool based memory allocator - Python bindings
>>>> ii python-tdb 1.2.12-1 i386 Python
>>>> bindings for TDB
>>>> ii python-xklavier 0.4-4 i386 Python
>>>> binding for libxklavier, an X Keyboard Extension API
>>>> ii python3-commandnotfound 0.3ubuntu12 all Python 3
>>>> bindings for command-not-found.
>>>> ii python3-gi 3.12.0-1 i386 Python
>>>> 3 bindings for gobject-introspection libraries
>>>> ii python3-pycurl 7.19.3-0ubuntu3 i386 Python 3
>>>> bindings to libcurl
>>>> ii resolvconf 1.69ubuntu1 all name
>>>> server information handler
>>>> ii rpcbind 0.2.1-2ubuntu1 i386 converts
>>>> RPC program numbers into universal addresses
>>>>
>>>> TIA, but be gentle. We're not very debianified down here;)
>>>>
>>>>
>>>>>
>>>>>
>>>>>
>>>>>> -----Oorspronkelijk bericht-----
>>>>>> Van: steve at steve-ss.com [mailto:samba-bounces at lists.samba.org]
>>>>>> Namens steve
>>>>>> Verzonden: dinsdag 20 mei 2014 16:49
>>>>>> Aan: samba at lists.samba.org
>>>>>> Onderwerp: Re: [Samba] Ubuntu client ddns failure
>>>>>>
>>>>>> On 20/05/14 16:28, Rowland Penny wrote:
>>>>>>> On 20/05/14 15:10, steve wrote:
>>>>>>>> On 20/05/14 15:35, Rowland Penny wrote:
>>>>>>>>> 127.0.0.1 localhost
>>>>>>>>> 127.0.1.1 lubuntu-laptop.hh3.site lubuntu-laptop
>>>>>>>>
>>>>>>>> 'Fraid not. Now it's looking for 'LOCAL':
>>>>>>>>
>>>>>>>> Kerberos: ENC-TS Pre-authentication succeeded --
>>>>>>>> LUBUNTU-LAPTOP$@HH3.SITE using arcfour-hmac-md5
>>>>>>>> Kerberos: AS-REQ authtime: 2014-05-20T16:06:34 starttime: unset
>>>>>>>> endtime: 2014-05-21T02:06:34 renew till: 2014-05-21T16:06:34
>>>>>>>> Kerberos: Client supported enctypes: aes256-cts-hmac-sha1-96,
>>>>>>>> aes128-cts-hmac-sha1-96, arcfour-hmac-md5, des3-cbc-sha1, 25, 26,
>>>>>>>> using arcfour-hmac-md5/arcfour-hmac-md5
>>>>>>>> Kerberos: Requested flags: renewable-ok
>>>>>>>> Kerberos: TGS-REQ LUBUNTU-LAPTOP$@HH3.SITE from
>>>>>>>> ipv4:192.168.1.22:58376 for ldap/hh16.local at HH3.SITE [canonicalize,
>>>>>>>> renewable]
>>>>>>>> Kerberos: Searching referral for hh16.local
>>>>>>>> Kerberos: Returning a referral to realm LOCAL for server
>>>>>>>> ldap/hh16.local at HH3.SITE that was not found
>>>>>>>> Failed find a single entry for
>>>>>>>>
>>>>>> (&(objectClass=trustedDomain)(|(flatname=LOCAL)(trustPartner=LOCAL))):
>>>>>>
>>>>>>>> got 0
>>>>>>>> Kerberos: samba_kdc_fetch: could not find principal in DB
>>>>>>>>
>>>>>>>> and sssd just gives up:
>>>>>>>> (Tue May 20 16:09:14 2014) [sssd[be[hh3.site]]] [sasl_bind_send]
>>>>>>>> (0x0080): Extended failure message: [SASL(-1): generic
>>>>>> failure: GSSAPI
>>>>>>>> Error: Unspecified GSS failure. Minor code may provide more
>>>>>>>> information (Server not found in Kerberos database)]
>>>>>>>> (Tue May 20 16:09:14 2014) [sssd[be[hh3.site]]] [be_run_offline_cb]
>>>>>>>> (0x0080): Going offline. Running callbacks.
>>>>>>>> (Tue May 20 16:09:14 2014) [sssd[be[hh3.site]]]
>>>>>>>> [ad_subdomains_get_conn_done] (0x0080): No AD server is available,
>>>>>>>> cannot get the subdomain list while offline
>>>>>>>>
>>>>>>>>
>>>>>>> OK, so where does 'LOCAL' come from ??
>>>>>>>
>>>>>>> Try this on the client:
>>>>>>>
>>>>>>> nano /etc/nsswitch.conf
>>>>>>>
>>>>>>> Change:
>>>>>>>
>>>>>>> hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
>>>>>>>
>>>>>>> To:
>>>>>>>
>>>>>>> hosts: files dns
>>>>>>>
>>>>>>> See if that cures your problems.
>>>>>>>
>>>>>>> Rowland
>>>>>>>
>>>>>> No:( It's insisting on the a.root.servers
>>>>>>
>>>>>> --
>>>>>> To unsubscribe from this list go to the following URL and read the
>>>>>> instructions: https://lists.samba.org/mailman/options/samba
>>>>>>
>>>>>>
>>>>>
>>>>
>>> OK, the only difference that I can see between your laptops settings and
>>> mine is /etc/resolv.conf. As I said mine is written by the resolvconf
>>> package and only has this in it:
>>>
>>> # Dynamic resolv.conf(5) file for glibc resolver(3) generated by
>>> resolvconf(8)
>>> # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
>>> nameserver 192.168.0.5
>>> search example.com
>>>
>>> 192.168.0.5 is the DC that samba4, Bind9 & DHCP are running on
>>> example.com is the samba4 domain name
>>>
>>> Could you try setting your resolv.conf to be similar to this, one
>>> nameserver and one search domain.
>>>
>>> Rowland
>>>
>> Yep. Still looks out to root.servers:(
>>
>> Narrowing it down a bit:
>> dig lubuntu-laptop:
>> looks out to root.servers
>>
>> dig lubuntu-laptop.hh3.site
>> resolves correctly to named on the DC
>>
>> fqdn works, short hostname, nada.
>
> I take it you mean:
>
> hostname -f returns 'lubuntu-laptop.hh3.site'
> hostname returns nothing
No, that returns correctly:
hostname
lubuntu-laptop
hostname -f
lubuntu-laptop.hh3.site
>
> if so, what does 'cat /etc/hostname' return ?
lubuntu-laptop
All OK there too.
For good measure, we set it to 1.23 and:
samba-tool dns update hh16 hh3.site lubuntu-laptop A 192.168.1.23
192.168.1.22
Password for [Administrator at HH3.SITE]:
Record updated successfully
nslookup finds it:
nslookup lubuntu-laptop
Server: 192.168.1.16
Address: 192.168.1.16#53
Name: lubuntu-laptop.hh3.site
Address: 192.168.1.22
So it's there, but neither dig nor nsupdate recognises it as the short
hostname. Were assuming that's what we're up against.
Steve
More information about the samba
mailing list