Glad I could help, as far as your last question, I'll have to let
someone else answer that one.. I don't know enough about it to make that
determination.
On 05/12/2011 12:09 PM, fe...@epepm.cupet.cu wrote:
Thanks a lot for your hint.
I finally made it in Debian Lenny (with Samba4 alpha15 and Bind9.8.0)
installing libkrb5-dev.
My named.conf just has an include "/usr/local/samba/private/named.conf";
and there I also included the options, related to tkey, suggested in the
HowTo.
I would like to notice that I followed the recommendation from Bind source
and I used the option tkey-gssapi-keytab instead of tkey-gssapi-credential
and tkey-domain which I finally commented.
Finally, I would like to know if I'll need a KDC, and if so, which one,
MIT or Heimdal???
Best regards,
Felix.
It looks like kerberos support installs the proper files, Check for the
packages listed below. This is Ubuntu Lucid, not sure how the names have
changed for your distribution.
root@FILESRV1:/usr/include/mit-krb5# dpkg -S gssapi.h
libkrb5-dev: /usr/include/gssrpc/auth_gssapi.h
krb5-multidev: /usr/include/mit-krb5/gssapi/gssapi.h
libkrb5-dev: /usr/include/gssapi.h
libkrb5-dev: /usr/include/gssapi/gssapi.h
krb5-multidev: /usr/include/mit-krb5/gssapi.h
krb5-multidev: /usr/include/mit-krb5/gssrpc/auth_gssapi.h
On 05/11/2011 02:12 PM, fe...@epepm.cupet.cu wrote:
I'm trying to compile using --with-gssapi but I found gssapi.h in
/usr/loca/include/dst/ and I used this path but the answer is gssapi.h
not found???
I'm using Debian Lenny.
I think this gssapi.h I have becomes from the previous installation of
bind9 because I found that file in Bind9 source directory.
My question is how can I install gssapi???
Best regards,
Felix.
did you compile bind with gssapi? my compile options with ubuntu are
this..Verify your pointing to the proper path when compiling for
gssapi.
./configure --prefix=/usr/local/bind9 --with-gssapi=/usr/include/gssapi
verify that you have the proper environments in bind,,, I have this in
the init script..
KEYTAB_FILE="/usr/local/samba1/private/dns.keytab"
KRB5_KTNAME="/usr/local/samba1/private/dns.keytab"
export KEYTAB_FILE
export KRB5_KTNAME
and verify that the options are in named.conf properly.. CASE matters..
tkey-gssapi-credential "DNS/example.com";
tkey-domain "EXAMPLE.COM";
Verify all this and modify for your environment...
On 05/11/2011 12:15 PM, fe...@epepm.cupet.cu wrote:
I followed the Howto http://wiki.samba.org/index.php/Samba4/HOWTO
Using:
-Samba4 alpha15
-Bind9.8.0
When I added an XP PC (192.168.123.244) to my domain I got this in
syslog:
May 11 12:04:18 samba4 named[10705]: client 192.168.123.244#1061:
update
'mydomain.com/IN' denied
May 11 12:04:18 samba4 named[10705]: tkey.c:486: ENSURE(result ==
(((1)<<
16) + 28) || result == 0) failed, back trace
May 11 12:04:18 samba4 named[10705]: #0 0x805ac45 in
assertion_failed()+0x45
May 11 12:04:18 samba4 named[10705]: #1 0x81c62f7 in
isc_assertion_failed()+0x27
May 11 12:04:18 samba4 named[10705]: #2 0x81659ba in
dns_tkey_processquery()+0x98a
May 11 12:04:18 samba4 named[10705]: #3 0x80696ff in
ns_query_start()+0x40f
May 11 12:04:18 samba4 named[10705]: #4 0x8051d44 in
client_request()+0xdc4
May 11 12:04:18 samba4 named[10705]: #5 0x81e270d in
isc__taskmgr_dispatch()+0x17d
May 11 12:04:18 samba4 named[10705]: #6 0x81e5e34 in evloop()+0x74
May 11 12:04:18 samba4 named[10705]: #7 0x81e60af in
isc__app_ctxrun()+0x12f
May 11 12:04:18 samba4 named[10705]: #8 0x81e6182 in
isc__app_run()+0x12
May 11 12:04:18 samba4 named[10705]: #9 0x805bd56 in main()+0xc96
May 11 12:04:18 samba4 named[10705]: #10 0xb7d04455 in
_fini()+0xafb0d6b9
May 11 12:04:18 samba4 named[10705]: #11 0x804bb61 in _start()+0x21
May 11 12:04:18 samba4 named[10705]: exiting (due to assertion
failure)
Any ideas??
Best regards,
Felix.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
