[Samba] debian wheezy sernet samba 4.2.1 : DC Joined and : samba_dnsupdate:update failed: NOTAUTH

L.P.H. van Belle belle at bazuin.nl
Wed Apr 22 06:11:43 MDT 2015 

Hai, 
 
I just installed a clean sernet samba 4.2.1 with just 2 dc's, used my scripts, all went ok, but when i check the logs. 
Im see-ing the following..   ( with every start of restart ) 
 
[2015/04/22 13:50:40.622537,  0] ../source4/smbd/server.c:370(binary_smbd_main)
  samba version 4.2.1-SerNet-Debian-7.wheezy started.
  Copyright Andrew Tridgell and the Samba Team 1992-2014
[2015/04/22 13:50:40.957993,  0] ../source4/smbd/server.c:488(binary_smbd_main)
  samba: using 'standard' process model
[2015/04/22 13:50:41.245892,  0] ../lib/util/become_daemon.c:124(daemon_ready)
  STATUS=daemon 'samba' finished starting up and ready to serve connections
[2015/04/22 13:50:42.410197,  0] ../lib/util/util_runcmd.c:324(samba_runcmd_io_handler)
  /usr/sbin/samba_dnsupdate: update failed: NOTAUTH
[2015/04/22 13:50:42.453299,  0] ../lib/util/util_runcmd.c:324(samba_runcmd_io_handler)
  /usr/sbin/samba_dnsupdate: update failed: NOTAUTH
[2015/04/22 13:50:42.498516,  0] ../lib/util/util_runcmd.c:324(samba_runcmd_io_handler)

 
running : 
samba_dnsupdate --verbose
 
update failed: NOTAUTH
Failed nsupdate: 2
Failed update of 26 entries

 
my resolv.conf was set as followed on DC2 
 
search internal.domain.tld.
nameserver ip_DC1
nameserver ip_DC2 
 
After changing this to.. first itself again..  
 
search internal.domain.tld.
nameserver ip_DC2
nameserver ip_DC1 
 
rerun : samba_dnsupdate --verbose --all-names
and im getting now..   0 errors..  ..
 
as test change back to 
search internal.domain.tld.
nameserver ip_DC1
nameserver ip_DC2 
 
update failed: NOTAUTH
Failed nsupdate: 2
Failed update of 26 entries

running : klist 
 

Valid starting    Expires           Service principal
22/04/2015 13:50  22/04/2015 23:50  krbtgt/internal.domain.tld at INTERNAL.DOMAIN.TLD
        renew until 23/04/2015 13:50
22/04/2015 13:54  22/04/2015 23:50  DNS/dc1.internal.domain.tld at INTERNAL.DOMAIN.TLD
        renew until 23/04/2015 13:50
22/04/2015 14:04  22/04/2015 23:50  host/DC2.internal.domain.tld at INTERNAL.DOMAIN.TLD

so now im bit confused.. 

 
We are adviced to avoid dns inlanding..  
but if i so set it now to avoid im getting NOTAUTH message.. 
 
Anyone any insight in this? 
 
Greetz, 
 
Louis
 


 
 

More information about the samba mailing list