Hello NOC, you didn't provide any configuration so I'm just guessing using my new crystal ball.
Fri, Jun 07, 2013 at 02:45:09PM +0200, NOC napsal(a): > Hi all > > root@puppettest01 var]# samba_dnsupdate --verbose --all-names > IPs: ['192.168.0.1'] > Traceback (most recent call last): > File "/usr/sbin/samba_dnsupdate", line 506, in <module> > get_credentials(lp) > File "/usr/sbin/samba_dnsupdate", line 119, in get_credentials > creds.get_named_ccache(lp, ccachename) > RuntimeError: kinit for [email protected] failed (Cannot > contact any KDC for requested realm) You have configured kerberos to look for KDC using DNS and DNS server is not running. > When looking at the debug output of bind, it doesn't seem to have > loaded the DLZ module from samba4. > > I tried this: named -g -c /etc/bind/named.conf -u named -d3 2>&1 > |grep -i dlz > 07-Jun-2013 14:18:24.514 built with '--host=x86_64-redhat-linux-gnu' > '--build=x86_64-redhat-linux-gnu' '--program-prefix=' > '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' > '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' > '--includedir=/usr/include' '--libdir=/usr/lib64' > '--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib' > '--mandir=/usr/share/man' '--infodir=/usr/share/info' > '--with-libtool' '--localstatedir=/var' '--enable-threads' > '--enable-ipv6' '--with-pic' '--disable-static' > '--disable-openssl-version-check' '--with-dlopen=yes' > '--with-dlz-ldap=yes' '--with-dlz-postgres=yes' > '--with-dlz-mysql=yes' '--with-dlz-filesystem=yes' > '--with-dlz-stub=yes' '--with-gssapi=yes' '--disable-isc-spnego' > '--with-docbook-xsl=/usr/share/sgml/docbook/xsl-stylesheets' > '--enable-fixed-rrset' 'build_alias=x86_64-redhat-linux-gnu' > 'host_alias=x86_64-redhat-linux-gnu' 'CFLAGS= -O2 -g' 'CPPFLAGS= > -DDIG_SIGCHASE' > 07-Jun-2013 14:18:24.516 Registering DLZ_dlopen driver > 07-Jun-2013 14:18:24.516 Registering SDLZ driver 'dlopen' > 07-Jun-2013 14:18:24.516 Registering DLZ driver 'dlopen' > > The packages samba4 (using git master from 2 days ago) and bind are > self-compiled on another centos 6.4 machine. As you can see, the > options '--with-gssapi=yes' and '--with-dlopen=yes' are set (this is > 9.8.2 from the source rpm) > > I followed the instructions on how to include > /var/lib/samba4/private/named.conf and named.txt, however, that > didn't work as advertised (cannot read > /var/lib/samba4/private/named.conf, though it was readable by user > named???), so I included the stuff in ...private/named.conf > literally in the /etc/bind/named.conf (as you can see, the > named.conf location is nonstandard, this is handled in > /etc/sysconfig/named). What about selinux? Also giving us only grep of logs are useless. There should be very interesting lines below: 07-Jun-2013 14:18:24.516 Registering DLZ driver 'dlopen' > samba4 was provisioned for NIEUWLAND.NL as dc and BIND9_DLZ > > I wonder which steps would be most likely to let bind load the driver > for dlz? Should I suspect all the patches redhat includes in their > source rpm? or is it a configuration issue? This part is working with plain CentOS named for me. The problem mentioned with --disable-isc-spnego is only with Windows client updates to the dns. Please give us the named.conf (at least the part you copied from samba) and also the named output from /var/log/messages during startup (no debug is needed usually). Best regards, Luf -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
