[Samba] samba 4.1.17 on raspberry pi as ad dc - internal dns problems

Matthias Busch catwiesel at gmx.net
Thu Mar 12 09:43:56 MDT 2015 

Hey Peter,

many thanks for your reply.

---
regarding .local domains
I know this is regarded by some as bad form, is actively being 
discouraged by the samba wiki and can cause problems with 
bonjour/zerobla configuration.

I can say for certain that no apple devices will ever come anywhere near 
that network and the other drawbacks of .local like getting signed 
certs... should never be an issue in this case.

I am hesitant to use .net (the domain I own) in fear of having dns 
issues. i do not control the NS for the internet accesible .net domain 
either.

In the end, unless .local will not cause problems like software X will 
not work with .local I should be fine.

---

DNS seems fixed

I was further looking around and studying /var/log/syslog, looking for 
hints when I saw some signs of slapd causing taking ports and causing 
samba to throw errors (cant bind to port)

I removed slapd and rebooted:
- DNS works for internet domains
- host -t SRV _ldap._tcp.my-domain.local --> looking good
- samba_dnsupdate --verbose --> looking good
- smbclient -L localhost -U% --> showing shares

---

Kerberos still on the fritz

kinit administrator at MY-DOMAIN.LOCAL --> kinit: Cannot contact any KDC 
for realm 'MY-DOMAIN.LOCAL' while getting initial credentials
klist -e --> klist: No credentials cache found (ticket cache 
FILE:/tmp/krb5cc_0)

--- /usr/local/samba/etc/smb.conf

# Global parameters
[global]
	workgroup = MY-DOMAIN
	realm = MY-DOMAIN.LOCAL
	netbios name = ADSERVER
	server role = active directory domain controller
	dns forwarder = 192.168.7.1
	idmap_ldb:use rfc2307 = yes

[netlogon]
	path = /usr/local/samba/var/locks/sysvol/fam-busch.local/scripts
	read only = No

[sysvol]
	path = /usr/local/samba/var/locks/sysvol
	read only = No


--- /etc/krb5.conf

[libdefaults]
	default_realm = MY-DOMAIN.LOCAL
	dns_lookup_realm = false
	dns_lookup_kdc = true


--- nsswitch ???

whats that? where? find / -iname "nsswitch" shows 3 directories in my samba4.1.17 source directory

---

checking daemon.log now and google abit about krb5.

If anything strikes you as odd and/or you have ideas to try, I'll look 
forward to hearing about it.

Thanks
M.

More information about the samba mailing list