[Samba] Samba4 - Cannot contact any KDC for requested realm

Rowland penny rpenny at samba.org
Tue Mar 22 13:45:37 UTC 2016 

On 22/03/16 13:35, Daniele Manfredi wrote:
> Good afternoon,
> I have installed a fileserver with samba4 environment.
> This is configured to works as AD-DC even if I only use it as a 
> fileserver (at the moment).
> All seems to works fine but, every 10 minutes, the log print these 
> messages:
>
> Mar 22 11:53:17 fileserver samba[1946]: [2016/03/22 11:53:17.557554,  
> 0] ../lib/util/util_runcmd.c:324(samba_runcmd_io_handler)
> Mar 22 11:53:17 fileserver samba[1946]: 
> /usr/local/samba/sbin/samba_dnsupdate: Traceback (most recent call last):
> Mar 22 11:53:17 fileserver samba[1946]: [2016/03/22 11:53:17.557717,  
> 0] ../lib/util/util_runcmd.c:324(samba_runcmd_io_handler)
> Mar 22 11:53:17 fileserver samba[1946]: 
> /usr/local/samba/sbin/samba_dnsupdate:   File 
> "/usr/local/samba/sbin/samba_dnsupdate", line 614, in <module>
> Mar 22 11:53:17 fileserver samba[1946]: [2016/03/22 11:53:17.557790,  
> 0] ../lib/util/util_runcmd.c:324(samba_runcmd_io_handler)
> Mar 22 11:53:17 fileserver samba[1946]: 
> /usr/local/samba/sbin/samba_dnsupdate:     get_credentials(lp)
> Mar 22 11:53:17 fileserver samba[1946]: [2016/03/22 11:53:17.557825,  
> 0] ../lib/util/util_runcmd.c:324(samba_runcmd_io_handler)
> Mar 22 11:53:17 fileserver samba[1946]: 
> /usr/local/samba/sbin/samba_dnsupdate:   File 
> "/usr/local/samba/sbin/samba_dnsupdate", line 125, in get_credentials
> Mar 22 11:53:17 fileserver samba[1946]: [2016/03/22 11:53:17.557867,  
> 0] ../lib/util/util_runcmd.c:324(samba_runcmd_io_handler)
> Mar 22 11:53:17 fileserver samba[1946]: 
> /usr/local/samba/sbin/samba_dnsupdate:     raise e
> Mar 22 11:53:17 fileserver samba[1946]: [2016/03/22 11:53:17.557896,  
> 0] ../lib/util/util_runcmd.c:324(samba_runcmd_io_handler)
> Mar 22 11:53:17 fileserver samba[1946]: 
> /usr/local/samba/sbin/samba_dnsupdate: RuntimeError: kinit for 
> FILESERVER$@MYDOMAIN.IT failed (Cannot contact any KDC for requested 
> realm)
> Mar 22 11:53:17 fileserver samba[1946]: [2016/03/22 11:53:17.557967,  
> 0] ../lib/util/util_runcmd.c:324(samba_runcmd_io_handler)
> Mar 22 11:53:17 fileserver samba[1946]: 
> /usr/local/samba/sbin/samba_dnsupdate:
>
>
> Following, some configuration files that may help you to understand 
> the problem.
>
> /etc/krb5.conf and /usr/local/samba/private/krb5.conf:
>
> [libdefaults]
>         default_realm = MYDOMAIN.IT
>         dns_lookup_realm = false
>         dns_lookup_kdc = true
>
> smb.conf
>
> # Global parameters
> [global]
>         realm = mydomain.it
>         server role = active directory domain controller
>         server services = -dns
>         printcap name = /dev/null
>         unix extensions = no
>         printing = bsd
>         dns forwarder = 8.8.8.8
>         workgroup = MYDOMAIN
>         os level = 255
>         interfaces = 192.168.0.221/255.255.255.0
>         load printers = no
>         netbios name = FILESERVER
>         winbind use default domain = yes
>         winbind trusted domains only = no
>
> Thank you in advance for your help.
> Daniele
>
>
>

OK, you have this:

         server services = -dns

and this:

         dns forwarder = 8.8.8.8

Is Bind9 running on the DC ?
If it is, is it setup correctly ?

What is in /etc/resolv.conf ?

Rowland

More information about the samba mailing list