[Samba] samba_dnsupdate utility cannot contact KDC realm

2013-06-24 Thread Steven Williams 
I am in the process of trying to setup a Samba 4.0.6 AD DC on Fedora 18, 
but dnsupdate is not updating the DNS records since I changed the 
addresses that I have assigned to my NICs. At first I thought the 
internal server didn't want to work, so I tried getting things setup 
with Bind (which is working just not with Samba yet). I am wanting to 
replace our Windows Server 2003 with RHEL 7 (or CentOS) when it comes 
out, but I am using Fedora 18 to research that possibility. What can I 
do to get DNS working again? Here is the command that I ran and it's output:


[root@localhost ~]# /usr/local/samba/sbin/samba_dnsupdate --all-names 
--verbose

IPs: ['10.0.0.1', '10.255.255.4']
Traceback (most recent call last):
  File /usr/local/samba/sbin/samba_dnsupdate, line 506, in module
get_credentials(lp)
  File /usr/local/samba/sbin/samba_dnsupdate, line 119, in 
get_credentials

creds.get_named_ccache(lp, ccachename)
RuntimeError: kinit for OM-SERVER5$@OHM.LOCAL failed (Cannot contact any 
KDC for requested realm)



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] samba_dnsupdate?

2013-04-09 Thread simon+samba 


Now for the next question. I think (hope?) that I am quite close now.

In order to add a machine to the domain, I think that I need to add a record to 
samba's DNS table. But samba_dnsupdate isn't working:

# samba_dnsupdate -d 5
INFO: Current debug levels:
   all: 5
   tdb: 5
   printdrivers: 5
   lanman: 5
   smb: 5
   rpc_parse: 5
   rpc_srv: 5
   rpc_cli: 5
   passdb: 5
   sam: 5
   auth: 5
   winbind: 5
   vfs: 5
   idmap: 5
   quota: 5
   acls: 5
   locking: 5
   msdfs: 5
   dmapi: 5
   registry: 5
lpcfg_load: refreshing parameters from /usr/local/samba/etc/smb.conf
params.c:pm_process() - Processing configuration file 
/usr/local/samba/etc/smb.conf

Processing section [global]
Processing section [netlogon]
Processing section [sysvol]
pm_process() returned Yes
added interface eth0 ip=fe80::5054:ff:fefd:9729%eth0 
bcast=fe80:::::%eth0 netmask=:::::
added interface eth0 ip=192.168.99.19 bcast=192.168.99.255 
netmask=255.255.255.0

schema_fsmo_init: we are master[yes] updates allowed[no]

As you can see updates are not allowed. But my smb.conf looks like this:
[global]
 workgroup = MYAD
 realm = MYAD.my.domain
 netbios name = SAMBA4
 server role = active directory domain controller
 idmap_ldb:use rfc2307 = yes
 #   log file = /var/log/samba/samba.log.%m
 log level = 3
 allow dns updates = True
 dns forwarder = 192.168.99.2

Simon

On Tue, 9 Apr 2013, Ricky Nance wrote:


 Glad to hear :)
 Ricky


 On Tue, Apr 9, 2013 at 8:15 PM, Simon Matthews
 si...@matthews-family.org.uk wrote:


   On Tue, 9 Apr 2013, Ricky Nance wrote:

   That looks normal... Can you pastebin your log.samba...
   first mv or rm
   /usr/local/samba/var/log.samba, then restart samba, then
   pastebin log.samba.
   Also (with samba running) can you give us the output of ps
   ax | grep samba
   and the output of netstat -anp | grep LISTEN  | grep
   samba 
   Thanks,


 Ricky,

 with your help, I fixed the problem. I had started krb5kdc, not
 realizing that the krb server was also built into samba. Once I
 stopped this and re-started SAMBA, the internal dns server started
 working.

 Simon




   On Tue, Apr 9, 2013 at 7:22 PM, simon+sa...@matthews.eu
   wrote:
         On Tue, 9 Apr 2013, Ricky Nance wrote:

               What samba version are you using (samba -V)


   # samba -V
   Version 4.0.4

         ? Also what is the output of
         samba-tool testparm -v --suppress-prompt | grep
   server
         services 


   # samba-tool testparm -v --suppress-prompt | grep server
   services
           server services = s3fs, rpc, nbt, wrepl, ldap,
   cldap, kdc,
   drepl, winbind, ntp_signd, kcc, dnsupdate, dns

   Simon


         On Tue, Apr 9, 2013 at 6:34 PM,
   simon+sa...@matthews.eu
         wrote:
               After running the classicupgrade, configuring
   and
         starting krb5,
               starting the new samba4 server, I started
   looking at
         DNS.

               Nothing is listening on port 53, so I assume
   the
         internal DNS is
               not working. I have NOT specified the use of
   the
         BIND_DLZ
               plugin, so it should be using its internal dns
         server.

               Where should I start looking for a solution to
   this?



               --
               To unsubscribe from this list go to the
   following
         URL and read
               the
               instructions:
          https://lists.samba.org/mailman/options/samba







-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] samba_dnsupdate --verbose --all-names with internal DNS?

2012-12-14 Thread Adam Tauno Williams 
Using the internal / default DNS server should the command  
samba_dnsupdate --verbose --all-names work?


Looking at the wiki this appears to be part of step#9, but I not sure  
the test shouldn't succeed.


$ samba_dnsupdate --verbose --all-names

...

; TSIG error with server: tsig verify failure
Failed nsupdate: 2
Calling nsupdate for SRV  
_gc._tcp.default-first-site-name._sites.micore.us barbel.micore.us 3268

Outgoing update query:
;; -HEADER- opcode: UPDATE, status: NOERROR, id:  0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
_gc._tcp.default-first-site-name._sites.micore.us. 900 IN SRV 0 100  
3268 barbel.micore.us.


; TSIG error with server: tsig verify failure
Failed nsupdate: 2
Failed update of 21 entries


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba