[Samba] samba 4.7.6-Ubuntu + ipv6 not work bind9-DLZ
spiderslack
spiderslack at yahoo.com.br
Mon Sep 10 20:10:19 UTC 2018
Em 10-09-2018 10:43, Rowland Penny via samba escreveu:
> On Mon, 10 Sep 2018 09:56:46 -0400
> spiderslack via samba <samba at lists.samba.org> wrote:
>
>> Hi, all
>>
>>
>> I trying setting domain samba with bind9-DLZ. I followed the tutorial
>> https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller,
>> but not work. see the tests bellow
>>
>>
>> ricardobarbosa at isadora:~$ bash tools/testSambaRecords.sh
>> Host _ldap._tcp.freewaynet.corp not found: 3(NXDOMAIN)
>> Host _kerberos._udp.freewaynet.corp not found: 3(NXDOMAIN)
>> Host agamenon.freewaynet.corp not found: 3(NXDOMAIN)
>> ricardobarbosa at isadora:~$
>>
>> following link to troubleshooting
>>
>>
>> ------------------------ inicio -------------------------------
>> root at agamenon:~# ps axf | egrep "samba|smbd|winbind"
>> 1283 pts/0 S+ 0:00 | \_ samba -i
>> 1284 pts/0 S+ 0:00 | \_ samba -i
>> 1290 pts/0 S+ 0:00 | | \_ samba -i
>> 1291 ? Ss 0:00 | | \_
>> /usr/sbin/smbd -D --option=server role check:inhibit=yes --foreground
>> --log-stdout
>> 1305 ? S 0:00 | | \_
>> /usr/sbin/smbd -D --option=server role check:inhibit=yes --foreground
>> --log-stdout
>> 1306 ? S 0:00 | | \_
>> /usr/sbin/smbd -D --option=server role check:inhibit=yes --foreground
>> --log-stdout
>> 1307 ? S 0:00 | | \_
>> /usr/sbin/smbd -D --option=server role check:inhibit=yes --foreground
>> --log-stdout
>> 1285 pts/0 S+ 0:00 | \_ samba -i
>> 1286 pts/0 S+ 0:00 | \_ samba -i
>> 1287 pts/0 S+ 0:00 | \_ samba -i
>> 1288 pts/0 S+ 0:00 | \_ samba -i
>> 1289 pts/0 S+ 0:00 | \_ samba -i
>> 1292 pts/0 S+ 0:00 | \_ samba -i
>> 1293 pts/0 S+ 0:00 | \_ samba -i
>> 1295 pts/0 S+ 0:00 | \_ samba -i
>> 1297 pts/0 S+ 0:00 | \_ samba -i
>> 1298 pts/0 S+ 0:00 | \_ samba -i
>> ------------------------------------------------------------
>>
>>
> Hmm, you have grepped for 'winbind' but it isn't showing, have you
> installed the winbind package ?
>
> Rowland
>
Hi, thanks for answering.
I did not install winbind because i figured it was installed along with
samba. in smb.conf until it has a reference to winbind
-----------------------------
server role = active directory domain controller
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc,
drepl, winbindd, ntp_signd, kcc, dnsupdate
-----------------------------
I need install winbind?
But when join the workstation the domain, i get followed:
-----------------------------------
The following error ocurred attempting to join the domain An internal
error occurred
-----------------------------------
I debug the process samba with command "samba -i -d 4" i get followed error:
----------------------------------------------------------------------
added interface ens32 ip=2001:db8:3:0:20c:29ff:fecb:5299 bcast=
netmask=ffff:ffff:ffff:ffff::
added interface ens32 ip=192.168.1.252 bcast=192.168.1.255
netmask=255.255.255.0
added interface ens32 ip=2001:db8:3:0:20c:29ff:fecb:5299 bcast=
netmask=ffff:ffff:ffff:ffff::
added interface ens32 ip=192.168.1.252 bcast=192.168.1.255
netmask=255.255.255.0
added interface ens32 ip=2001:db8:3:0:20c:29ff:fecb:5299 bcast=
netmask=ffff:ffff:ffff:ffff::
added interface ens32 ip=192.168.1.252 bcast=192.168.1.255
netmask=255.255.255.0
added interface ens32 ip=2001:db8:3:0:20c:29ff:fecb:5299 bcast=
netmask=ffff:ffff:ffff:ffff::
added interface ens32 ip=192.168.1.252 bcast=192.168.1.255
netmask=255.255.255.0
added interface ens32 ip=2001:db8:3:0:20c:29ff:fecb:5299 bcast=
netmask=ffff:ffff:ffff:ffff::
added interface ens32 ip=192.168.1.252 bcast=192.168.1.255
netmask=255.255.255.0
Kerberos: AS-REQ Administrator at freewaynet.corp from
ipv6:2001:db8:3:0:57c:a284:973d:9b5f:61477 for
krbtgt/freewaynet.corp at freewaynet.corp
Kerberos: Client sent patypes: 128
Kerberos: Looking for PKINIT pa-data -- Administrator at freewaynet.corp
Kerberos: Looking for ENC-TS pa-data -- Administrator at freewaynet.corp
Kerberos: No preauth found, returning PREAUTH-REQUIRED --
Administrator at freewaynet.corp
Terminating connection - 'kdc_tcp_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
single_terminate: reason[kdc_tcp_call_loop: tstream_read_pdu_blob_recv()
- NT_STATUS_CONNECTION_DISCONNECTED]
Kerberos: AS-REQ Administrator at freewaynet.corp from
ipv6:2001:db8:3:0:57c:a284:973d:9b5f:61478 for
krbtgt/freewaynet.corp at freewaynet.corp
Kerberos: Client sent patypes: encrypted-timestamp, 128
Kerberos: Looking for PKINIT pa-data -- Administrator at freewaynet.corp
Kerberos: Looking for ENC-TS pa-data -- Administrator at freewaynet.corp
Kerberos: ENC-TS Pre-authentication succeeded --
Administrator at freewaynet.corp using aes256-cts-hmac-sha1-96
Auth: [Kerberos KDC,ENC-TS Pre-authentication] user
[(null)]\[Administrator at freewaynet.corp] at [Mon, 10 Sep 2018
14:42:38.918181 UTC] with [aes256-cts-hmac-sha1-96] status
[NT_STATUS_OK] workstation [(null)] remote host
[ipv6:2001:db8:3:0:57c:a284:973d:9b5f:61478] became
[FREEWAYNET]\[Administrator]
[S-1-5-21-1615479121-2557752159-4193559781-500]. local host [NULL]
JSON Authentication: {"timestamp": "2018-09-10T14:42:38.918341+0000",
"type": "Authentication", "Authentication": {"version": {"major": 1,
"minor": 0}, "status": "NT_STATUS_OK", "localAddress": "NULL",
"remoteAddress": "ipv6:2001:db8:3:0:57c:a284:973d:9b5f:61478",
"serviceDescription": "Kerberos KDC", "authDescription": "ENC-TS
Pre-authentication", "clientDomain": null, "clientAccount":
"Administrator at freewaynet.corp", "workstation": null, "becameAccount":
"Administrator", "becameDomain": "FREEWAYNET", "becameSid":
"S-1-5-21-1615479121-2557752159-4193559781-500", "mappedAccount":
"Administrator", "mappedDomain": "FREEWAYNET", "netlogonComputer": null,
"netlogonTrustAccount": null, "netlogonNegotiateFlags": "0x00000000",
"netlogonSecureChannelType": 0, "netlogonTrustAccountSid": "(NULL SID)",
"passwordType": "aes256-cts-hmac-sha1-96"}}
get_auth_event_server: Failed to find 'auth_event' registered on the
message bus to send JSON authentication events to:
NT_STATUS_OBJECT_NAME_NOT_FOUND
authsam_account_ok: Checking SMB password for user
Administrator at freewaynet.corp
Kerberos: AS-REQ authtime: 2018-09-10T14:42:38 starttime: unset endtime:
2018-09-11T00:42:38 renew till: 2018-09-17T14:42:38
Kerberos: Client supported enctypes: aes256-cts-hmac-sha1-96,
aes128-cts-hmac-sha1-96, arcfour-hmac-md5, 24, -135, des-cbc-md5, using
aes256-cts-hmac-sha1-96/aes256-cts-hmac-sha1-96
Kerberos: Requested flags: renewable-ok, canonicalize, renewable,
forwardable
Terminating connection - 'kdc_tcp_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
single_terminate: reason[kdc_tcp_call_loop: tstream_read_pdu_blob_recv()
- NT_STATUS_CONNECTION_DISCONNECTED]
Kerberos: TGS-REQ Administrator at FREEWAYNET.CORP from
ipv6:2001:db8:3:0:57c:a284:973d:9b5f:61479 for
cifs/agamenon.freewaynet.corp at FREEWAYNET.CORP [canonicalize, renewable,
forwardable]
Kerberos: TGS-REQ authtime: 2018-09-10T14:42:38 starttime:
2018-09-10T14:42:38 endtime: 2018-09-11T00:42:38 renew till:
2018-09-17T14:42:38
Terminating connection - 'kdc_tcp_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
single_terminate: reason[kdc_tcp_call_loop: tstream_read_pdu_blob_recv()
- NT_STATUS_CONNECTION_DISCONNECTED]
Kerberos: TGS-REQ Administrator at FREEWAYNET.CORP from
ipv6:2001:db8:3:0:57c:a284:973d:9b5f:61480 for
krbtgt/FREEWAYNET.CORP at FREEWAYNET.CORP [renewable-ok, canonicalize,
renewable, forwarded, forwardable]
Kerberos: TGS-REQ authtime: 2018-09-10T14:42:38 starttime:
2018-09-10T14:42:38 endtime: 2018-09-11T00:42:38 renew till:
2018-09-17T14:42:38
Terminating connection - 'kdc_tcp_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
single_terminate: reason[kdc_tcp_call_loop: tstream_read_pdu_blob_recv()
- NT_STATUS_CONNECTION_DISCONNECTED]
----------------------------------------------------------------------
Any idea?
More information about the samba
mailing list