[Samba] samba 4.7.6-Ubuntu + ipv6 not work bind9-DLZ

spiderslack spiderslack at yahoo.com.br
Mon Sep 10 20:17:01 UTC 2018


Em 10-09-2018 16:10, spiderslack via samba escreveu:
> Em 10-09-2018 10:43, Rowland Penny via samba escreveu:
>> On Mon, 10 Sep 2018 09:56:46 -0400
>> spiderslack via samba <samba at lists.samba.org> wrote:
>>
>>> Hi, all
>>>
>>>
>>> I trying setting domain samba with bind9-DLZ. I followed the tutorial
>>> https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller, 
>>>
>>> but not work. see the tests bellow
>>>
>>>
>>> ricardobarbosa at isadora:~$ bash tools/testSambaRecords.sh
>>> Host _ldap._tcp.freewaynet.corp not found: 3(NXDOMAIN)
>>> Host _kerberos._udp.freewaynet.corp not found: 3(NXDOMAIN)
>>> Host agamenon.freewaynet.corp not found: 3(NXDOMAIN)
>>> ricardobarbosa at isadora:~$
>>>
>>> following link to troubleshooting
>>>
>>>
>>> ------------------------ inicio -------------------------------
>>> root at agamenon:~# ps axf | egrep "samba|smbd|winbind"
>>>    1283 pts/0    S+     0:00  |                   \_ samba -i
>>>    1284 pts/0    S+     0:00  |                       \_ samba -i
>>>    1290 pts/0    S+     0:00  |                       |   \_ samba -i
>>>    1291 ?        Ss     0:00  |                       | \_
>>> /usr/sbin/smbd -D --option=server role check:inhibit=yes --foreground
>>> --log-stdout
>>>    1305 ?        S      0:00  | |           \_
>>> /usr/sbin/smbd -D --option=server role check:inhibit=yes --foreground
>>> --log-stdout
>>>    1306 ?        S      0:00  | |           \_
>>> /usr/sbin/smbd -D --option=server role check:inhibit=yes --foreground
>>> --log-stdout
>>>    1307 ?        S      0:00  | |           \_
>>> /usr/sbin/smbd -D --option=server role check:inhibit=yes --foreground
>>> --log-stdout
>>>    1285 pts/0    S+     0:00  |                       \_ samba -i
>>>    1286 pts/0    S+     0:00  |                       \_ samba -i
>>>    1287 pts/0    S+     0:00  |                       \_ samba -i
>>>    1288 pts/0    S+     0:00  |                       \_ samba -i
>>>    1289 pts/0    S+     0:00  |                       \_ samba -i
>>>    1292 pts/0    S+     0:00  |                       \_ samba -i
>>>    1293 pts/0    S+     0:00  |                       \_ samba -i
>>>    1295 pts/0    S+     0:00  |                       \_ samba -i
>>>    1297 pts/0    S+     0:00  |                       \_ samba -i
>>>    1298 pts/0    S+     0:00  |                       \_ samba -i
>>> ------------------------------------------------------------
>>>
>>>
>> Hmm, you have grepped for 'winbind' but it isn't showing, have you
>> installed the winbind package ?
>>
>> Rowland
>>
> Hi, thanks for answering.
>
>
> I did not install winbind because i figured it was installed along 
> with samba. in smb.conf until it has a reference to winbind
>
>
> -----------------------------
>
>         server role = active directory domain controller
>         server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, 
> drepl, winbindd, ntp_signd, kcc, dnsupdate
>
> -----------------------------
>
>
> I need install winbind?
>
>
> But when join the workstation the domain, i get followed:
>
>
> -----------------------------------
>
> The following error ocurred attempting to join the domain An internal 
> error occurred
>
> -----------------------------------
>
>
> I debug the process samba with command "samba -i -d 4" i get followed 
> error:
>
>
> ----------------------------------------------------------------------
>
>
> added interface ens32 ip=2001:db8:3:0:20c:29ff:fecb:5299 bcast= 
> netmask=ffff:ffff:ffff:ffff::
> added interface ens32 ip=192.168.1.252 bcast=192.168.1.255 
> netmask=255.255.255.0
> added interface ens32 ip=2001:db8:3:0:20c:29ff:fecb:5299 bcast= 
> netmask=ffff:ffff:ffff:ffff::
> added interface ens32 ip=192.168.1.252 bcast=192.168.1.255 
> netmask=255.255.255.0
> added interface ens32 ip=2001:db8:3:0:20c:29ff:fecb:5299 bcast= 
> netmask=ffff:ffff:ffff:ffff::
> added interface ens32 ip=192.168.1.252 bcast=192.168.1.255 
> netmask=255.255.255.0
> added interface ens32 ip=2001:db8:3:0:20c:29ff:fecb:5299 bcast= 
> netmask=ffff:ffff:ffff:ffff::
> added interface ens32 ip=192.168.1.252 bcast=192.168.1.255 
> netmask=255.255.255.0
> added interface ens32 ip=2001:db8:3:0:20c:29ff:fecb:5299 bcast= 
> netmask=ffff:ffff:ffff:ffff::
> added interface ens32 ip=192.168.1.252 bcast=192.168.1.255 
> netmask=255.255.255.0
> Kerberos: AS-REQ Administrator at freewaynet.corp from 
> ipv6:2001:db8:3:0:57c:a284:973d:9b5f:61477 for 
> krbtgt/freewaynet.corp at freewaynet.corp
> Kerberos: Client sent patypes: 128
> Kerberos: Looking for PKINIT pa-data -- Administrator at freewaynet.corp
> Kerberos: Looking for ENC-TS pa-data -- Administrator at freewaynet.corp
> Kerberos: No preauth found, returning PREAUTH-REQUIRED -- 
> Administrator at freewaynet.corp
> Terminating connection - 'kdc_tcp_call_loop: 
> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
> single_terminate: reason[kdc_tcp_call_loop: 
> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
> Kerberos: AS-REQ Administrator at freewaynet.corp from 
> ipv6:2001:db8:3:0:57c:a284:973d:9b5f:61478 for 
> krbtgt/freewaynet.corp at freewaynet.corp
> Kerberos: Client sent patypes: encrypted-timestamp, 128
> Kerberos: Looking for PKINIT pa-data -- Administrator at freewaynet.corp
> Kerberos: Looking for ENC-TS pa-data -- Administrator at freewaynet.corp
> Kerberos: ENC-TS Pre-authentication succeeded -- 
> Administrator at freewaynet.corp using aes256-cts-hmac-sha1-96
> Auth: [Kerberos KDC,ENC-TS Pre-authentication] user 
> [(null)]\[Administrator at freewaynet.corp] at [Mon, 10 Sep 2018 
> 14:42:38.918181 UTC] with [aes256-cts-hmac-sha1-96] status 
> [NT_STATUS_OK] workstation [(null)] remote host 
> [ipv6:2001:db8:3:0:57c:a284:973d:9b5f:61478] became 
> [FREEWAYNET]\[Administrator] 
> [S-1-5-21-1615479121-2557752159-4193559781-500]. local host [NULL]
> JSON Authentication: {"timestamp": "2018-09-10T14:42:38.918341+0000", 
> "type": "Authentication", "Authentication": {"version": {"major": 1, 
> "minor": 0}, "status": "NT_STATUS_OK", "localAddress": "NULL", 
> "remoteAddress": "ipv6:2001:db8:3:0:57c:a284:973d:9b5f:61478", 
> "serviceDescription": "Kerberos KDC", "authDescription": "ENC-TS 
> Pre-authentication", "clientDomain": null, "clientAccount": 
> "Administrator at freewaynet.corp", "workstation": null, "becameAccount": 
> "Administrator", "becameDomain": "FREEWAYNET", "becameSid": 
> "S-1-5-21-1615479121-2557752159-4193559781-500", "mappedAccount": 
> "Administrator", "mappedDomain": "FREEWAYNET", "netlogonComputer": 
> null, "netlogonTrustAccount": null, "netlogonNegotiateFlags": 
> "0x00000000", "netlogonSecureChannelType": 0, 
> "netlogonTrustAccountSid": "(NULL SID)", "passwordType": 
> "aes256-cts-hmac-sha1-96"}}
> get_auth_event_server: Failed to find 'auth_event' registered on the 
> message bus to send JSON authentication events to: 
> NT_STATUS_OBJECT_NAME_NOT_FOUND
> authsam_account_ok: Checking SMB password for user 
> Administrator at freewaynet.corp
> Kerberos: AS-REQ authtime: 2018-09-10T14:42:38 starttime: unset 
> endtime: 2018-09-11T00:42:38 renew till: 2018-09-17T14:42:38
> Kerberos: Client supported enctypes: aes256-cts-hmac-sha1-96, 
> aes128-cts-hmac-sha1-96, arcfour-hmac-md5, 24, -135, des-cbc-md5, 
> using aes256-cts-hmac-sha1-96/aes256-cts-hmac-sha1-96
> Kerberos: Requested flags: renewable-ok, canonicalize, renewable, 
> forwardable
> Terminating connection - 'kdc_tcp_call_loop: 
> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
> single_terminate: reason[kdc_tcp_call_loop: 
> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
> Kerberos: TGS-REQ Administrator at FREEWAYNET.CORP from 
> ipv6:2001:db8:3:0:57c:a284:973d:9b5f:61479 for 
> cifs/agamenon.freewaynet.corp at FREEWAYNET.CORP [canonicalize, 
> renewable, forwardable]
> Kerberos: TGS-REQ authtime: 2018-09-10T14:42:38 starttime: 
> 2018-09-10T14:42:38 endtime: 2018-09-11T00:42:38 renew till: 
> 2018-09-17T14:42:38
> Terminating connection - 'kdc_tcp_call_loop: 
> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
> single_terminate: reason[kdc_tcp_call_loop: 
> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
> Kerberos: TGS-REQ Administrator at FREEWAYNET.CORP from 
> ipv6:2001:db8:3:0:57c:a284:973d:9b5f:61480 for 
> krbtgt/FREEWAYNET.CORP at FREEWAYNET.CORP [renewable-ok, canonicalize, 
> renewable, forwarded, forwardable]
> Kerberos: TGS-REQ authtime: 2018-09-10T14:42:38 starttime: 
> 2018-09-10T14:42:38 endtime: 2018-09-11T00:42:38 renew till: 
> 2018-09-17T14:42:38
> Terminating connection - 'kdc_tcp_call_loop: 
> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
> single_terminate: reason[kdc_tcp_call_loop: 
> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
>
>
> ----------------------------------------------------------------------
>
> Any idea?
>
>
Hi install winbind its works thanks and special thanks Rowland
  :)

Att


s



More information about the samba mailing list