[Samba] dns_tkey_gssnegotiate: TKEY is unacceptable
L.P.H. van Belle
belle at bazuin.nl
Fri Jul 3 14:38:10 UTC 2020
Stop samba
Move the bind content to the bind-dns folder
/var/lib/samba/bind-dns# ls -al
total 28
drwxrwx--- 3 root bind 4096 May 25 14:16 .
drwxr-xr-x 10 root root 4096 Jun 29 07:47 ..
drwxrwx--- 3 root bind 4096 Aug 7 2019 dns
-rw-r----- 2 root bind 877 Aug 7 2019 dns.keytab
-rw-r--r-- 1 root root 883 Aug 7 2019 named.conf
-r--r--r-- 1 root root 312 Aug 7 2019 named.conf.update
-rw-r--r-- 1 root root 2092 Aug 7 2019 named.txt
Adjust : named.conf.local
/ adding the dlopen ( Bind DLZ ) module for samba.
include "/var/lib/samba/bind-dns/named.conf";
I think that was it.
Verify rights on files and folders but if you move it should be the same.
Start samba, check again, ow wait.. ..
/etc/resolv.conf
nameserver 127.0.0.1 < and change that one to the server its OWN ip , not localhost.
nameserver 192.168.16.52
search ad.samdom.example.com
Clear logs, Reboot, check again.
Did that work?
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Robert E. Wooden via samba
> Verzonden: vrijdag 3 juli 2020 16:25
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] dns_tkey_gssnegotiate: TKEY is unacceptable
> Urgentie: Hoog
>
> On 7/3/2020 9:15 AM, Rowland penny via samba wrote:
> > No, might as well tell you now, it's relevant. Samba moved
> the keytab
> > to the 'bind-dns' directory sometime ago, so you should be
> using the
> > keytab in the bind-dns directory, which will mean altering the
> > named.conf files if you are using Bind9
>
> Yes, I saw that during setup. I had to "think thru" Louis'
> instructions,
> to test, locate and make sure I was using the correct
> "dns.keytab" for
> the BIND9_DLZ setup.
>
> >
> > Depends, are you actually using the correct keytab ?
> >
> > Rowland
> >
> Apparently, I missed this. So, I am not sure what to change
> to correct?
>
> Any explanation you could provide would clarify this for me?
>
> (FYI, Debian 10 with Samba 4.12.3)
>
> --
>
> Bob Wooden
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list