[Samba] How to handle secure AD dynamic DNS registrations?
Keith Jones
K.E.Jones at brighton.ac.uk
Fri Sep 5 15:34:11 MDT 2014
Hi,
My apologies for the newbie question/dumb-question-of-the-day but when searching the archives I couldn't see the wood for the trees :-/
Are there any good walkthroughs/RTFMs out there for troubleshooting getting samba to register DNS entries to an AD controller that requires secure updates?
I have a CentOS 6 server that seems to be set up correctly. Initially it worked fine, but then the AD controllers expired the DNS entries. As samba doesn't seem to natively refresh the registrations I ended up adding a simple cron job that ran "net ads dns register -P" on a daily basis. It worked for a while but that job is now failing. with "ERROR_DNS_GSS_ERROR" which starts implying that Kerberos tickets or machine account passwords are broken. I'm not sure if they need to be refreshed in a similar way or whether I should tinker with the samba config.
A good guide that explains what I need to have setup to cover the convoluted AD needs for secure updates would be very welcome!
Regards and thanks in advance for any help.
Keith
___________________________________________________________
This email has been scanned by MessageLabs' Email Security
System on behalf of the University of Brighton.
For more information see http://www.brighton.ac.uk/is/spam/
___________________________________________________________
More information about the samba
mailing list