[Samba] dns_tkey_gssnegotiate: TKEY is unacceptable

Rowland penny rpenny at samba.org
Fri Jul 3 14:15:44 UTC 2020


On 03/07/2020 15:07, Robert E. Wooden via samba wrote:
> On 7/3/2020 8:58 AM, Rowland penny via samba wrote:
>> Please do not use '127.0.0.1' as a nameserver, use the DC's ipaddress 
>> instead.
>
> I have corrected this as you have suggested.
>
>>
>> You might be looking at the wrong keytab, do you have:
>>
>> /var/lib/samba/bind-dns/dns.keytab
>>
>> Rowland
>>
> Yes, I do (why two dns.keytab . . . a question for later) have 
> /var/lib/samba/bind-dns/dns.keytab.
No, might as well tell you now, it's relevant. Samba moved the keytab to 
the 'bind-dns' directory sometime ago, so you should be using the keytab 
in the bind-dns directory, which will mean altering the named.conf files 
if you are using Bind9
>
> Delete and re-generate that one?

Depends, are you actually using the correct keytab ?

Rowland






More information about the samba mailing list