[Samba] Invalid zone operation IsSigned ERROR
Rowland Penny
rpenny at samba.org
Tue May 22 22:09:32 UTC 2018
On Tue, 22 May 2018 15:44:49 -0500
rschiefer at suturehealth.com wrote:
> I noticed the krb5 service is not running on DC-1. Is that needed?
> Is it needed on all the DCs?
>
> I can get it running if I run the "kdb5_util create" command.
Are you running a kerberos server separately on each DC ?
If you are, I suggest a quick 'apt-get purge <what you installed to
get the kerberos server>'. You should only have kerberos client
packages installed.
What packages did you install to get Samba working on the DCs ?
You should have something like these:
attr samba smbclient dnsutils acl krb5-user ntp winbind
You will also need these to use a DC as a fileserver:
libpam-winbind libpam-krb5 libnss-winbind
You can check if Samba kerberos is running with:
netstat -an | grep :88
It should produce something like this:
tcp 0 0 0.0.0.0:88 0.0.0.0:* LISTEN
tcp6 0 0 :::88 :::* LISTEN
udp 0 0 192.168.0.6:88 0.0.0.0:*
udp 0 0 0.0.0.0:88 0.0.0.0:*
udp6 0 0 :::88 :::*
Rowland
More information about the samba
mailing list