[Samba] Cannot contact any KDC for requested realm

Anton Blau tony.blue.mailinglist at gmx.de
Mon Jul 23 21:09:58 UTC 2018 

Am 19.07.2018 um 17:50 schrieb Rowland Penny via samba:
> On Thu, 19 Jul 2018 17:33:46 +0200
> Anton Blau via samba <samba at lists.samba.org> wrote:
>
>> Am 19.07.2018 um 10:03 schrieb Rowland Penny via samba:
>>> On Wed, 18 Jul 2018 23:21:41 +0200
>>> Anton Blau via samba <samba at lists.samba.org> wrote:
>>>
>>>> Am 18.07.2018 um 14:17 schrieb Rowland Penny via samba:
>>>>
>>>
> The above shows the problem, you cannot use the realm name for the
> netbios domain name (aka workgroup), or to put it another way, your
> netbios domain name 'DUCK' cannot be the same as your realm 'DUCK'.
>
> Is your dns domain really just 'duck' ?
> If so, I think you need to consider changing it.
> I suggest you read this:
>
> https://wiki.samba.org/index.php/Active_Directory_Naming_FAQ
>
> You could use something like 'duck.tld', just don't use the TLD '.local'
>

O. K. Thank you. Now a new trial:

samba-tool domain provision --use-rfc2307 --interactive
Realm [DUCK.TLD]: DOMCON.DUCK.TLD
  Domain [DOMCON]: DUCK.TLD
  Server Role (dc, member, standalone) [dc]:
  DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE) 
[SAMBA_INTERNAL]:
  DNS forwarder IP address (write 'none' to disable forwarding) 
[192.168.1.254]:
Administrator password:
Retype password:
Looking up IPv4 addresses
Looking up IPv6 addresses
No IPv6 address will be assigned
Setting up secrets.ldb
Setting up the registry
Setting up the privileges database
Setting up idmap db
Setting up SAM db
Setting up sam.ldb partitions and settings
Setting up sam.ldb rootDSE
Pre-loading the Samba 4 and AD schema
Adding DomainDN: DC=domcon,DC=duck,DC=tld
Adding configuration container
Setting up sam.ldb schema
Setting up sam.ldb configuration data
Setting up display specifiers
Modifying display specifiers
Adding users container
Modifying users container
Adding computers container
Modifying computers container
Setting up sam.ldb data
Setting up well known security principals
Setting up sam.ldb users and groups
Setting up self join
Adding DNS accounts
Creating CN=MicrosoftDNS,CN=System,DC=domcon,DC=duck,DC=tld
Creating DomainDnsZones and ForestDnsZones partitions
Populating DomainDnsZones and ForestDnsZones partitions
Setting up sam.ldb rootDSE marking as synchronized
Fixing provision GUIDs
A Kerberos configuration suitable for Samba 4 has been generated at 
/var/lib/samba/private/krb5.conf
Setting up fake yp server settings
Once the above files are installed, your Samba4 server will be ready to use
Server Role:           active directory domain controller
Hostname:              domcon
NetBIOS Domain:        DUCK.TLD
DNS Domain:            domcon.duck.tld
DOMAIN SID:            S-1-5-21-2320560232-2299116025-3491239596

But I get no running SAMBA4:

/var/log/syslog:

Jul 23 20:49:36 domcon samba[1513]:   samba version 4.2.14-Debian started.
Jul 23 20:49:36 domcon samba[1513]:   Copyright Andrew Tridgell and the 
Samba Team 1992-2014
Jul 23 20:49:37 domcon samba[1554]: [2018/07/23 20:49:37.084452,  0] 
../source4/smbd/server.c:488(binary_smbd_main)
Jul 23 20:49:37 domcon samba[1554]:   samba: using 'standard' process model
Jul 23 20:49:37 domcon samba[1554]: [2018/07/23 20:49:37.094546,  0] 
../lib/util/become_daemon.c:124(daemon_ready)
Jul 23 20:49:37 domcon samba[1554]:   STATUS=daemon 'samba' finished 
starting up and ready to serve connections
Jul 23 20:49:37 domcon winbindd[1621]: [2018/07/23 20:49:37.232947, 0] 
../source3/winbindd/winbindd_cache.c:3235(initialize_winbindd_cache)
Jul 23 20:49:37 domcon winbindd[1621]:   initialize_winbindd_cache: 
clearing cache and re-creating with version number 2
Jul 23 20:49:37 domcon winbindd[1621]: [2018/07/23 20:49:37.592355, 0] 
../lib/util/become_daemon.c:124(daemon_ready)
Jul 23 20:49:37 domcon winbindd[1621]:   STATUS=daemon 'winbindd' 
finished starting up and ready to serve connections
Jul 23 20:49:37 domcon smbd[1609]: [2018/07/23 20:49:37.973506,  0] 
../lib/util/become_daemon.c:124(daemon_ready)
Jul 23 20:49:37 domcon smbd[1609]:   STATUS=daemon 'smbd' finished 
starting up and ready to serve connections
Jul 23 20:49:38 domcon samba[1619]: [2018/07/23 20:49:38.865881,  0] 
../lib/util/util_runcmd.c:324(samba_runcmd_io_handler)
Jul 23 20:49:38 domcon samba[1619]:   /usr/sbin/samba_dnsupdate: 
Traceback (most recent call last):
Jul 23 20:49:38 domcon samba[1619]: [2018/07/23 20:49:38.865968,  0] 
../lib/util/util_runcmd.c:324(samba_runcmd_io_handler)
Jul 23 20:49:38 domcon samba[1619]:   /usr/sbin/samba_dnsupdate: File 
"/usr/sbin/samba_dnsupdate", line 614, in <module>
Jul 23 20:49:38 domcon samba[1619]: [2018/07/23 20:49:38.866000,  0] 
../lib/util/util_runcmd.c:324(samba_runcmd_io_handler)
Jul 23 20:49:38 domcon samba[1619]:   /usr/sbin/samba_dnsupdate: 
get_credentials(lp)
Jul 23 20:49:38 domcon samba[1619]: [2018/07/23 20:49:38.866026,  0] 
../lib/util/util_runcmd.c:324(samba_runcmd_io_handler)
Jul 23 20:49:38 domcon samba[1619]:   /usr/sbin/samba_dnsupdate: File 
"/usr/sbin/samba_dnsupdate", line 125, in get_credentials
Jul 23 20:49:38 domcon samba[1619]: [2018/07/23 20:49:38.866046,  0] 
../lib/util/util_runcmd.c:324(samba_runcmd_io_handler)
Jul 23 20:49:38 domcon samba[1619]:   /usr/sbin/samba_dnsupdate: raise e
Jul 23 20:49:38 domcon samba[1619]: [2018/07/23 20:49:38.866072,  0] 
../lib/util/util_runcmd.c:324(samba_runcmd_io_handler)
Jul 23 20:49:38 domcon samba[1619]:   /usr/sbin/samba_dnsupdate: 
RuntimeError: kinit for DOMCON$@WORKGROUP failed (Cannot contact any KDC 
for requested realm)
Jul 23 20:49:38 domcon samba[1619]: [2018/07/23 20:49:38.866229,  0] 
../lib/util/util_runcmd.c:324(samba_runcmd_io_handler)
Jul 23 20:49:38 domcon samba[1619]:   /usr/sbin/samba_dnsupdate:
Jul 23 20:55:49 domcon smbd[1630]: [2018/07/23 20:55:49.027185,  0] 
../lib/util/pidfile.c:153(pidfile_unlink)
Jul 23 20:55:49 domcon smbd[1630]:   Failed to delete pidfile 
/var/run/samba/smbd.pid. Error was No such file or directory
Jul 23 20:55:49 domcon samba[1607]: [2018/07/23 20:55:49.028182,  0] 
../file_server/file_server.c:48(file_server_smbd_done)
Jul 23 20:55:49 domcon samba[1607]:   file_server smbd daemon exited 
normally
Jul 23 20:55:49 domcon samba[1554]: [2018/07/23 20:55:49.043272,  0] 
../source4/smbd/server.c:211(samba_terminate)
Jul 23 20:55:49 domcon samba[1554]:   samba_terminate: smbd child 
process exited
Jul 23 20:59:37 domcon winbindd[1626]: [2018/07/23 20:59:37.694999, 0] 
../source3/winbindd/winbindd_cm.c:1670(wb_open_internal_pipe)
Jul 23 20:59:37 domcon winbindd[1626]:   open_internal_pipe: Could not 
connect to lsarpc pipe: NT_STATUS_UNSUCCESSFUL
Jul 23 21:04:37 domcon winbindd[1626]: [2018/07/23 21:04:37.695289, 0] 
../source3/winbindd/winbindd_cm.c:1670(wb_open_internal_pipe)
Jul 23 21:04:37 domcon winbindd[1626]:   open_internal_pipe: Could not 
connect to lsarpc pipe: NT_STATUS_UNSUCCESSFUL
Jul 23 21:06:01 domcon CRON[2406]: (root) CMD (   cd / && run-parts 
--report /etc/cron.hourly)

More information about the samba mailing list