[Samba] dns_tkey_gssnegotiate: TKEY is unacceptable

Billy Bob billysbobs at yahoo.com
Mon Jan 7 21:04:15 UTC 2019

I will check out repo. Thanks.
In the meanwhile,
/etc/hosts is:       localhost   dc01.corp.<DOMAIN>.com      dc01# The following lines are desirable for IPv6 capable hosts::1     localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
I made the change to /etc/resolv.conf and /usr/local/samba/etc/smb.conf is now:
# Global parameters
        bind interfaces only = Yes
        interfaces = lo eno1
        netbios name = DC01
        realm = CORP.<DOMAIN>.COM
        server role = active directory domain controller
        server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
        workgroup = CORP
        idmap_ldb:use rfc2307 = yes
        dns update command = /usr/local/samba/sbin/samba_dnsupdate --use-samba-tool[netlogon]
        path = /usr/local/samba/var/locks/sysvol/corp.<DOMAIN>.com/scripts
        read only = No[sysvol]
        path = /usr/local/samba/var/locks/sysvol
        read only = No
On reboot, systemctl status checks for system, samba-ad-dc and bind9 are all without error, but still get same result for the samba_dnsupdate --verbose --all-names command.
On the dns update command above, does the /usr/local/samba/sbin/samba_dnsupdate --use-samba-tool need to be quoted as such: '/usr/local/samba/sbin/samba_dnsupdate --use-samba-tool'? 
What is in /etc/hosts ?

Change /etc/resolv.conf to this:

search corp.<DOMAIN>.com

Add this line to smb.conf:

dns update command = /usr/local/samba/sbin/samba_dnsupdate --use-samba-tool

More information about the samba mailing list