[Samba] UNSOLVED: Difficulties with Windows XP: failed to find cifs/fileserver.y.z at Y.Z in keytab (arcfour-hmac-md5)

rawi only4com at web.de
Tue Jan 17 13:54:41 UTC 2017 

Samba - General mailing list wrote
> On Tue, 17 Jan 2017 04:30:31 -0800 (PST)
> rawi via samba <

> samba at .samba

> > wrote:
> 
>> Oh and I forgot, I am running a DNS server on the DC, on the right
>> port and with all my clients are needing.
>> They are only not served trough samba but directlly by bind. If they
>> (clients) would see any difference, I couldn't join at all with any
>> machine, isn't it?
>> 
> 
> As I asked if you are using BIND_DLZ, I take it you are using the
> totally unsupported flatfiles. It wouldn't take much to start using
> Bind9 in the way that Samba supports, just why do you not want to do
> this ?
> 
> Rowland

No, I have dhcp and a full bind9 serving master zones forward and reverse,
with exception of the _msdcs... SOA, which I let only forward and it seems
enough...

The configs are static, no dynamic updates, and I generate the dhcp config
and the zones per script, if something changes.

In all the complexity you mean it exists in my unsupported configuration you
will laugh, but I try to keep things simple and stupid, so I can grasp all
the little I do :)

- First I wish to stay with a single dns name space with only a part of it
in the AD, but BIND_DLZ should serve a separate sub-zone for the AD.

- Doing dns and dns-updates trough samba could be a source of error and
frustration, as I read sometimes in questions here in the mail list or other
places in forums.
So I say to my clients to not do dns-updates, because I have already all
possible in DNS.
Equally positive I feel that no service is trying to modify configurations
of another service. I simply avoid this and the need to handle with special
kerberos user-services and keys, or to temper with apparmor is gone too.

- I sniffed at the beginning with dns_update, which records and SOA samba
supplementary needs on this machine, and this is an one time addition to the
zones in bind.

- I learned afterward, which DNS records should be added, if I join a second
DC to the AD.
- It seemed to me (reading different postings), that samba still has a bug
with doing this automatically, so one has anyway to add the _ldap.. ,
objectGUIDs addresses and the other records of the new DC himself.

So, I see it really simpler this way.
I'm sorry, that this will be always a source of discordance here by any
other question, related or unrelated to DNS.
I still do not think that the original problem was caused by the program
which DNS serves, otherwise it would have disturbed all other test-clients.

Regards
rawi




--
View this message in context: http://samba.2283325.n4.nabble.com/Difficulties-with-Windows-XP-failed-to-find-cifs-fileserver-y-z-Y-Z-in-keytab-arcfour-hmac-md5-tp4713385p4713561.html
Sent from the Samba - General mailing list archive at Nabble.com.

More information about the samba mailing list