Changing direction yet again. I decided do some testing with the latest *SOGo ZEG v2.0.0 rc5 appliance.*
Since this is supposed to be a turnkey package with SAMBA4, OpenChange and SOGo all somewhat working together I figured i'd give it a shot. Started up the appliance and try to join an XP client to the "EXAMPLE" domain... FAILED: The error was: "DNS name does not exist." (error code 0x0000232B RCODE_NAME_ERROR) Try to join an XP client to the "OPENCHANGE" domain... FAILED: The error was: "Network path was not found". The DNS lookup partially worked but tail /var/log/samba/log.samba showed: RuntimeError: kinit for [email protected] failed (Cannot contact any KDC for requested realm) Basically samba_dnsupdate fails with the following output. Traceback (most recent call last): File "/usr/sbin/samba_dnsupdate", line 485, in <module> get_credentials(lp) File "/usr/sbin/samba_dnsupdate", line 120, in get_credentials creds.get_named_ccache(lp, ccachename) RuntimeError: kinit for [email protected] failed (Cannot contact any KDC for requested realm) This is the same problem found here http://thread.gmane.org/gmane.comp.groupware.sogo.user/11358 At this point I know I have a KRB/KDC related issue and possibly DNS is not running properly. kinit isnt installed and Bind9 isnt configured with'--with-dlopen=yes'. Here is the output of /usr/sbin/named -V: BIND 9.8.1-P1 built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro' 'CPPFLAGS=-D_FORTIFY_SOURCE=2' using OpenSSL version: OpenSSL 1.0.1 14 Mar 2012 using libxml2 version: 2.7.8 From here: I installed krb5-user dpkg-dev libkrb5-dev libssl-dev libgeoip-dev Recompiled bind9 with the '--with-dlopen=yes' option Re-provisioned samba4 with domain EXAMPLE and realm EXAMPLE.COM Added tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab"; to /etc/bind/named.conf.options Copied /var/lib/samba/private/krb5.conf to /etc/krb5.conf Modified /etc/hosts so that "sogo.example.com sogo" uses interface IP instead of loopback. Restarted bind and samba And still get the same error. Any ideas? Just trying to add a windows client to the domain at this point. Thanks On Tue, Apr 17, 2012 at 1:20 PM, John Russell <[email protected]> wrote: > Question following HowTo build your own OpenChange/SOGo appliance: > I have been building my own SAMBA4/OpenChange appliance *MOSTLY*following the > instructions at > http://tracker.openchange.org/projects/openchange/wiki/HowTo_build_your_own_OpenChangeSOGo_appliance > . > > I am using Ubuntu-Server 12.04 LTS (Precise Pangolin) > precise-server-amd64.iso > OpenChange from svn co -r 3923 > https://svn.openchange.org/openchange/branches/sogo > SAMBA4 - Samba-4.0.0Alpha18 > > At the step titled "Configure DNS service" > # cd /etc/bind > # mkdir samba > # cp /usr/local/samba/private/named.* samba/ > # cp –rfi /usr/local/samba/private/dns samba/ > > my named.* files are actually in "/usr/local/samba/share/setup/" (no big > deal) > logically I would assume my dns files would be in > "/usr/local/samba/share/setup/dns" but no cookie :( > > Find reveals: > find / -name "dns" > /openchange/sogo/samba4/lib/dnspython/dns > /openchange/sogo/samba4/libcli/dns > /openchange/sogo/samba4/bin/default/libcli/dns > /openchange/sogo/samba4/bin/default/source4/dsdb/dns > /openchange/sogo/samba4/source4/selftest/provisions/alpha13/private/dns > /openchange/sogo/samba4/source4/dsdb/dns > /usr/share/pyshared/dns > /usr/lib/python2.7/dist-packages/dns > /usr/src/linux-headers-3.2.0-23-generic/include/config/ceph/lib/use/dns > /usr/src/linux-headers-3.2.0-23-generic/include/config/dns > > Does anyone know the correct dns file or directory to copy to the bind > directory? > > Thanks > -- "It's better to be boldly decisive and risk being wrong than to agonize at length and be right too late." Marilyn Moats Kennedy -- "It's better to be boldly decisive and risk being wrong than to agonize at length and be right too late." Marilyn Moats Kennedy -- [email protected] https://inverse.ca/sogo/lists
