[Samba] Samba 4.7.2 + bind on Fedora 27: samba_dlz: spnego update failed
Dario Lesca
d.lesca at solinos.it
Mon Dec 4 15:31:16 UTC 2017
Il giorno lun, 04/12/2017 alle 16.00 +0100, Dario Lesca via samba ha
scritto:
> The samba command
>
> samba_dnsupdate --verbose --all-names --fail-immediately
>
> not work
I have add '-d 9' to dlz section
dlz "AD DNS Zone" {
# For BIND 9.11.x
database "dlopen /usr/lib64/samba/bind9/dlz_bind9_11.so -d 9";
};
And this is the debug message:
[ root at server-addc ~]# samba_dnsupdate --all-names --fail-immediately
update failed: REFUSED
dic 04 16:25:21 server-addc.dogma-to.loc named[1121]: samba_dlz: starting transaction on zone dogma-to.loc
dic 04 16:25:21 server-addc.dogma-to.loc named[1121]: samba_dlz: Starting GENSEC mechanism spnego
dic 04 16:25:21 server-addc.dogma-to.loc named[1121]: samba_dlz: Starting GENSEC submechanism gssapi_krb5
dic 04 16:25:21 server-addc.dogma-to.loc named[1121]: samba_dlz: GSS server Update(krb5)(1) Update failed: Unspecified GSS failure. Minor code may provide more information: Request is a replay
dic 04 16:25:21 server-addc.dogma-to.loc named[1121]: samba_dlz: spnego update failed
dic 04 16:25:21 server-addc.dogma-to.loc named[1121]: client @0x7fafe90c3400 192.168.41.1#57335/key SERVER-ADDC\$\@DOGMA-TO.LOC: updating zone 'dogma-to.loc/NONE': update failed: rejected by secure update (REFUSED)
dic 04 16:25:21 server-addc.dogma-to.loc named[1121]: samba_dlz: cancelling transaction on zone dogma-to.loc
Can this help us?
Thanks
--
Dario Lesca
(inviato dal mio Linux Fedora 27 Workstation)
More information about the samba
mailing list