[Samba] samba 4.1.17 on raspberry pi as ad dc - internal dns problems
Matthias Busch
catwiesel at gmx.net
Thu Mar 12 08:00:29 MDT 2015
Hello List,
I have a raspberry pi with raspbian. I am trying to get samba 4.1.17 to
work as AD DC and have problems which seem to be dns related...
What I did to get here:
- I removed the preinstalled samba
- installed prerequisites (build-essential libacl1-dev libattr1-dev
libblkid-dev libgnutls-dev libreadline-dev python-dev libpam0g-dev
python-dnspython gdb pkg-config libpopt-dev libldap2-dev dnsutils
libbsd-dev attr krb5-user* docbook-xsl libcups2-dev acl libkrb5-dev)
- installed optionals (acl, python-xattr, util-linux, gnutls-bin,
readline-common, cups, python-setproctitle, slapd**)
(some prerequisites and optionals were already installed)
(I initially did install xsltproc and docbook but got errors during make
at the documentation. removed them and started at config again)
-* krb5 wanted some Kerberos data which I didn't have yet, so I gave it some
-** ldap wanted some stuff and possibly created DC entries which will
not be correct for dc=my-domain, dc=local
- got samba 4.1.17 as tar.gz via wget from samba.org
- configure (--prefix=/usr/local/samba
--with-piddir=/usr/local/samba/var/run --with-syslog
--with-quotas --with-acl-support --enable-debug)
- make
- make install
- added /usr/local/samba/bin and .../sbin to %PATH (all users)
- followed instructions for Debian under
https://wiki.samba.org/index.php/Samba4/InitScript for init.d script
- setup network/name/etc
-- network/interfaces: ip is static (192.168.7.254/24, gateway is router
.1, dns-nameservers is 192.168.7.254, dns-search is my-domain.local)
-- hostname is adserver.my-domain.local
-- hosts is 127.0.0.1 localhost localhost.my-domain and 192.168.7.254
adserver, adserver.my-domain.local
reboot...
- samba -V shows 4.1.17, smbclient -V shows 4.1.17
- ran samba-tool domain provision --interactive --use-rfc230
(from memory)
---realm my-domain.local
---domain my-domain (I pressed enter and took the preset)
--- internal dns
--- forward dns: 192.168.7.1
--- gave admin pw
output was looking good, no error...
- copied the krb5.conf file provided by samba over /etc/krb5.conf
(checked content, $(REALM) was replaced by my-domain.local)
(reboot)
tests --> and results
names do not resolve (except the entries in hosts)
smbclient -L localhost -U% --> session setup failed: NT_STATUS_CONNECTION_REFUSED
kinit administrator@MY-DOMAIN.LOCAL --> kinit: Cannot contact any KDC for realm 'MY-DOMAIN.LOCAL' while getting initial credentials
klist -e --> klist: No credentials cache found (ticket cache FILE:/tmp/krb5cc_0)
host -t SRV _ldap._tcp.my-domain.local --> ;; connection timed out. no
server could be reached
samba_dnsupdate --verbose
--> gives a LOT of errors "failed to find dns entry..."
Obviously Kerberos is having trouble. However, I feel like Kerberos has
problems because DNS has problems.
DNS itself seems not to work at all.
Unfortunately I don't know anything about Samba's internal DNS. I expected
it to work "out of the box".
Is it a separate service that needs to be started? Or a special option
for configure?
How do you propose I could fix my dns problem (except "use another dns
daemon like bind")?
Any help will be appreciated...
Thanks
M.