[Samba] DDNS Error
Stefan Kania
stefan at kania-online.de
Wed May 16 10:32:52 UTC 2018
It's me again :-)
Now we have DDNS with DHCP running but we have a problem on one of our
two DCs. Btw we used the setup and the script from wiki.
Doing a "dhclient" on a host we are getting the following messages:
-------------
Mai 16 12:13:28 samba41 dhcpd[3961]: Commit: IP: 192.168.0.249 DHCID:
1:50:5b:5d:1c:ab:aa Name: horst
Mai 16 12:13:28 samba41 dhcpd[3961]: execute_statement argv[0] =
/etc/dhcp/bin/dhcp-dyndns.sh
Mai 16 12:13:28 samba41 dhcpd[3961]: execute_statement argv[1] = add
Mai 16 12:13:28 samba41 dhcpd[3961]: execute_statement argv[2] =
192.168.0.249
Mai 16 12:13:28 samba41 dhcpd[3961]: execute_statement argv[3] =
1:50:5b:5d:1c:ab:aa
Mai 16 12:13:28 samba41 dhcpd[3961]: execute_statement argv[4] = horst
Mai 16 12:13:28 samba41 root[7505]: DHCP-DNS Update failed: 11
Mai 16 12:13:28 samba41 dhcpd[3961]: execute:
/etc/dhcp/bin/dhcp-dyndns.sh exit status 2816
-------------
We then tried to create the entry with the script:
----------------
/etc/dhcp/bin/dhcp-dyndns.sh "add" 192.168.225.60 1:50:5b:5d:1c:ab:aa horst
.
.
.
3160958102.sig-samba41.example.net. 0 ANY TKEY gss-tsig. 0 0 3 BADKEY 0 0
dns_tkey_negotiategss: TKEY is unacceptable
----------------
Then we checked with:
-----------
samba_dnsupdate --verbose
-----------
Everything is fine, no error about the unacceptable TKEY
We did everything from:
https://wiki.samba.org/index.php/Dns_tkey_negotiategss:_TKEY_is_unacceptable
- deleted the dns.keytab
- deleted the dns-samba41 user
- run "samba_upgradedns --dns-backend=BIND9_DLZ"
We checked the permissions of all files. We checked the bind9 config for
the TKEY line. Everything is ok.
The update works on the second DC without any error about the key. It's
only one ADDC that makes the problem.
The only differences we found was that the username on the working ADDC
is in capital letters (CN=dns-SAMBA42) and on the non working ADDC in
small letter (CN=dns-samba41). But on both systems it's the same inside
the dns.keytab. (small =non working | capital = working).
Any help?
Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20180516/cec58b2c/signature.sig>
More information about the samba
mailing list