[Samba] samba 4.7.6-Ubuntu + ipv6 not work bind9-DLZ
spiderslack
spiderslack at yahoo.com.br
Mon Sep 10 20:17:01 UTC 2018
Em 10-09-2018 16:10, spiderslack via samba escreveu:
> Em 10-09-2018 10:43, Rowland Penny via samba escreveu:
>> On Mon, 10 Sep 2018 09:56:46 -0400
>> spiderslack via samba <samba at lists.samba.org> wrote:
>>
>>> Hi, all
>>>
>>>
>>> I trying setting domain samba with bind9-DLZ. I followed the tutorial
>>> https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller,
>>>
>>> but not work. see the tests bellow
>>>
>>>
>>> ricardobarbosa at isadora:~$ bash tools/testSambaRecords.sh
>>> Host _ldap._tcp.freewaynet.corp not found: 3(NXDOMAIN)
>>> Host _kerberos._udp.freewaynet.corp not found: 3(NXDOMAIN)
>>> Host agamenon.freewaynet.corp not found: 3(NXDOMAIN)
>>> ricardobarbosa at isadora:~$
>>>
>>> following link to troubleshooting
>>>
>>>
>>> ------------------------ inicio -------------------------------
>>> root at agamenon:~# ps axf | egrep "samba|smbd|winbind"
>>> 1283 pts/0 S+ 0:00 | \_ samba -i
>>> 1284 pts/0 S+ 0:00 | \_ samba -i
>>> 1290 pts/0 S+ 0:00 | | \_ samba -i
>>> 1291 ? Ss 0:00 | | \_
>>> /usr/sbin/smbd -D --option=server role check:inhibit=yes --foreground
>>> --log-stdout
>>> 1305 ? S 0:00 | | \_
>>> /usr/sbin/smbd -D --option=server role check:inhibit=yes --foreground
>>> --log-stdout
>>> 1306 ? S 0:00 | | \_
>>> /usr/sbin/smbd -D --option=server role check:inhibit=yes --foreground
>>> --log-stdout
>>> 1307 ? S 0:00 | | \_
>>> /usr/sbin/smbd -D --option=server role check:inhibit=yes --foreground
>>> --log-stdout
>>> 1285 pts/0 S+ 0:00 | \_ samba -i
>>> 1286 pts/0 S+ 0:00 | \_ samba -i
>>> 1287 pts/0 S+ 0:00 | \_ samba -i
>>> 1288 pts/0 S+ 0:00 | \_ samba -i
>>> 1289 pts/0 S+ 0:00 | \_ samba -i
>>> 1292 pts/0 S+ 0:00 | \_ samba -i
>>> 1293 pts/0 S+ 0:00 | \_ samba -i
>>> 1295 pts/0 S+ 0:00 | \_ samba -i
>>> 1297 pts/0 S+ 0:00 | \_ samba -i
>>> 1298 pts/0 S+ 0:00 | \_ samba -i
>>> ------------------------------------------------------------
>>>
>>>
>> Hmm, you have grepped for 'winbind' but it isn't showing, have you
>> installed the winbind package ?
>>
>> Rowland
>>
> Hi, thanks for answering.
>
>
> I did not install winbind because i figured it was installed along
> with samba. in smb.conf until it has a reference to winbind
>
>
> -----------------------------
>
> server role = active directory domain controller
> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc,
> drepl, winbindd, ntp_signd, kcc, dnsupdate
>
> -----------------------------
>
>
> I need install winbind?
>
>
> But when join the workstation the domain, i get followed:
>
>
> -----------------------------------
>
> The following error ocurred attempting to join the domain An internal
> error occurred
>
> -----------------------------------
>
>
> I debug the process samba with command "samba -i -d 4" i get followed
> error:
>
>
> ----------------------------------------------------------------------
>
>
> added interface ens32 ip=2001:db8:3:0:20c:29ff:fecb:5299 bcast=
> netmask=ffff:ffff:ffff:ffff::
> added interface ens32 ip=192.168.1.252 bcast=192.168.1.255
> netmask=255.255.255.0
> added interface ens32 ip=2001:db8:3:0:20c:29ff:fecb:5299 bcast=
> netmask=ffff:ffff:ffff:ffff::
> added interface ens32 ip=192.168.1.252 bcast=192.168.1.255
> netmask=255.255.255.0
> added interface ens32 ip=2001:db8:3:0:20c:29ff:fecb:5299 bcast=
> netmask=ffff:ffff:ffff:ffff::
> added interface ens32 ip=192.168.1.252 bcast=192.168.1.255
> netmask=255.255.255.0
> added interface ens32 ip=2001:db8:3:0:20c:29ff:fecb:5299 bcast=
> netmask=ffff:ffff:ffff:ffff::
> added interface ens32 ip=192.168.1.252 bcast=192.168.1.255
> netmask=255.255.255.0
> added interface ens32 ip=2001:db8:3:0:20c:29ff:fecb:5299 bcast=
> netmask=ffff:ffff:ffff:ffff::
> added interface ens32 ip=192.168.1.252 bcast=192.168.1.255
> netmask=255.255.255.0
> Kerberos: AS-REQ Administrator at freewaynet.corp from
> ipv6:2001:db8:3:0:57c:a284:973d:9b5f:61477 for
> krbtgt/freewaynet.corp at freewaynet.corp
> Kerberos: Client sent patypes: 128
> Kerberos: Looking for PKINIT pa-data -- Administrator at freewaynet.corp
> Kerberos: Looking for ENC-TS pa-data -- Administrator at freewaynet.corp
> Kerberos: No preauth found, returning PREAUTH-REQUIRED --
> Administrator at freewaynet.corp
> Terminating connection - 'kdc_tcp_call_loop:
> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
> single_terminate: reason[kdc_tcp_call_loop:
> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
> Kerberos: AS-REQ Administrator at freewaynet.corp from
> ipv6:2001:db8:3:0:57c:a284:973d:9b5f:61478 for
> krbtgt/freewaynet.corp at freewaynet.corp
> Kerberos: Client sent patypes: encrypted-timestamp, 128
> Kerberos: Looking for PKINIT pa-data -- Administrator at freewaynet.corp
> Kerberos: Looking for ENC-TS pa-data -- Administrator at freewaynet.corp
> Kerberos: ENC-TS Pre-authentication succeeded --
> Administrator at freewaynet.corp using aes256-cts-hmac-sha1-96
> Auth: [Kerberos KDC,ENC-TS Pre-authentication] user
> [(null)]\[Administrator at freewaynet.corp] at [Mon, 10 Sep 2018
> 14:42:38.918181 UTC] with [aes256-cts-hmac-sha1-96] status
> [NT_STATUS_OK] workstation [(null)] remote host
> [ipv6:2001:db8:3:0:57c:a284:973d:9b5f:61478] became
> [FREEWAYNET]\[Administrator]
> [S-1-5-21-1615479121-2557752159-4193559781-500]. local host [NULL]
> JSON Authentication: {"timestamp": "2018-09-10T14:42:38.918341+0000",
> "type": "Authentication", "Authentication": {"version": {"major": 1,
> "minor": 0}, "status": "NT_STATUS_OK", "localAddress": "NULL",
> "remoteAddress": "ipv6:2001:db8:3:0:57c:a284:973d:9b5f:61478",
> "serviceDescription": "Kerberos KDC", "authDescription": "ENC-TS
> Pre-authentication", "clientDomain": null, "clientAccount":
> "Administrator at freewaynet.corp", "workstation": null, "becameAccount":
> "Administrator", "becameDomain": "FREEWAYNET", "becameSid":
> "S-1-5-21-1615479121-2557752159-4193559781-500", "mappedAccount":
> "Administrator", "mappedDomain": "FREEWAYNET", "netlogonComputer":
> null, "netlogonTrustAccount": null, "netlogonNegotiateFlags":
> "0x00000000", "netlogonSecureChannelType": 0,
> "netlogonTrustAccountSid": "(NULL SID)", "passwordType":
> "aes256-cts-hmac-sha1-96"}}
> get_auth_event_server: Failed to find 'auth_event' registered on the
> message bus to send JSON authentication events to:
> NT_STATUS_OBJECT_NAME_NOT_FOUND
> authsam_account_ok: Checking SMB password for user
> Administrator at freewaynet.corp
> Kerberos: AS-REQ authtime: 2018-09-10T14:42:38 starttime: unset
> endtime: 2018-09-11T00:42:38 renew till: 2018-09-17T14:42:38
> Kerberos: Client supported enctypes: aes256-cts-hmac-sha1-96,
> aes128-cts-hmac-sha1-96, arcfour-hmac-md5, 24, -135, des-cbc-md5,
> using aes256-cts-hmac-sha1-96/aes256-cts-hmac-sha1-96
> Kerberos: Requested flags: renewable-ok, canonicalize, renewable,
> forwardable
> Terminating connection - 'kdc_tcp_call_loop:
> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
> single_terminate: reason[kdc_tcp_call_loop:
> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
> Kerberos: TGS-REQ Administrator at FREEWAYNET.CORP from
> ipv6:2001:db8:3:0:57c:a284:973d:9b5f:61479 for
> cifs/agamenon.freewaynet.corp at FREEWAYNET.CORP [canonicalize,
> renewable, forwardable]
> Kerberos: TGS-REQ authtime: 2018-09-10T14:42:38 starttime:
> 2018-09-10T14:42:38 endtime: 2018-09-11T00:42:38 renew till:
> 2018-09-17T14:42:38
> Terminating connection - 'kdc_tcp_call_loop:
> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
> single_terminate: reason[kdc_tcp_call_loop:
> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
> Kerberos: TGS-REQ Administrator at FREEWAYNET.CORP from
> ipv6:2001:db8:3:0:57c:a284:973d:9b5f:61480 for
> krbtgt/FREEWAYNET.CORP at FREEWAYNET.CORP [renewable-ok, canonicalize,
> renewable, forwarded, forwardable]
> Kerberos: TGS-REQ authtime: 2018-09-10T14:42:38 starttime:
> 2018-09-10T14:42:38 endtime: 2018-09-11T00:42:38 renew till:
> 2018-09-17T14:42:38
> Terminating connection - 'kdc_tcp_call_loop:
> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
> single_terminate: reason[kdc_tcp_call_loop:
> tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]
>
>
> ----------------------------------------------------------------------
>
> Any idea?
>
>
Hi install winbind its works thanks and special thanks Rowland
:)
Att
s
More information about the samba
mailing list