[Samba] TSIG errors when updating DNS
Peter Milesson
miles at atmos.eu
Sat Feb 4 15:56:04 UTC 2023
Hi Rowland,
Yet a bit more information. The newly provisioned DC has got the FSMO
roles. They were transferred from an ancient DC, and the ancient DC
demoted and turned off. There were no error messages, and the transfer
was successful.
Now, the /etc/krb5.conf file on the older of the 2 active DCs differs
from the newly installed DC. The krb5.conf file was copied to /etc after
successful domain join on the newly provisioned DC:
/etc/krb5.conf on the older DC:
[libdefaults]
default_realm = KONSTRUKCE.LOCAL
dns_lookup_realm = false
dns_lookup_kdc = true
/etc/krb5.conf on the newly provisioned DC:
[libdefaults]
default_realm = KONSTRUKCE.LOCAL
dns_lookup_realm = false
dns_lookup_kdc = true
[realms]
KONSTRUKCE.LOCAL = {
default_domain = konstrukce.local
}
[domain_realm]
KONADC3 = KONSTRUKCE.LOCAL
kinit and klist works on both DCs
Best regards,
Peter
More information about the samba
mailing list