Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
[Samba] samba 4 failed with kerberos error (ubuntu)
198 views
Skip to first unread message
Alexander Busam
Sep 9, 2013, 4:40:02 AM9/9/13
to
Hello!
I tried to install samba 4 as described in the samba AD DC HOWTO.
Here my configuration:
ubuntu 12.04 server 64 bit server
/etc/network/interfaces:
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.1.19
netmask 255.255.252.0
up route add default gw 192.168.1.4
dns-search hofmann-intern.de
dns-nameservers 192.168.1.26
/etc/hosts:
127.0.0.1 localhost
192.168.1.19 hmsmbctx.hofmann-intern.de hmsmbctx
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
I installed required software:
apt-get install build-essential libacl1-dev libattr1-dev \
libblkid-dev libgnutls-dev libreadline-dev python-dev \
python-dnspython gdb pkg-config libpopt-dev libldap2-dev \
dnsutils libbsd-dev attr krb5-user docbook-xsl libcups2-dev acl
and run the provisioning script:
samba-tool domain provision --use-rfc2307 --interactive
with internal-dns
Copied /var/lib/samba/private/krb5.conf to /etc/
When i start samba with samba -i -M single
I got the following error:
root@hmsmbctx:/home/administrator# samba -i -M single
samba version 4.0.9-SerNet-Ubuntu-6.precise started.
Copyright Andrew Tridgell and the Samba Team 1992-2012
samba: using 'single' process model
Attempting to autogenerate TLS self-signed keys for https for hostname
'HMSMBCTX.hfmctx.hofmann-intern.de'
TLS self-signed keys generated OK
/usr/sbin/samba_dnsupdate: Traceback (most recent call last):
/usr/sbin/samba_dnsupdate: File "/usr/sbin/samba_dnsupdate", line 506,
in <module>
/usr/sbin/samba_dnsupdate: get_credentials(lp)
/usr/sbin/samba_dnsupdate: File "/usr/sbin/samba_dnsupdate", line 119,
in get_credentials
/usr/sbin/samba_dnsupdate: creds.get_named_ccache(lp, ccachename)
/usr/sbin/samba_dnsupdate: RuntimeError: kinit for
HMSMBCTX$@HFMCTX.HOFMANN-INTERN.DE failed (Cannot contact any KDC for
requested realm)
/usr/sbin/samba_dnsupdate:
../source4/dsdb/dns/dns_update.c:294: Failed DNS update -
NT_STATUS_ACCESS_DENIED
Whats going wrong ?
Thx in advance.
Alex
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
I tried to install samba 4 as described in the samba AD DC HOWTO.
Here my configuration:
ubuntu 12.04 server 64 bit server
/etc/network/interfaces:
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.1.19
netmask 255.255.252.0
up route add default gw 192.168.1.4
dns-search hofmann-intern.de
dns-nameservers 192.168.1.26
/etc/hosts:
127.0.0.1 localhost
192.168.1.19 hmsmbctx.hofmann-intern.de hmsmbctx
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
I installed required software:
apt-get install build-essential libacl1-dev libattr1-dev \
libblkid-dev libgnutls-dev libreadline-dev python-dev \
python-dnspython gdb pkg-config libpopt-dev libldap2-dev \
dnsutils libbsd-dev attr krb5-user docbook-xsl libcups2-dev acl
and run the provisioning script:
samba-tool domain provision --use-rfc2307 --interactive
with internal-dns
Copied /var/lib/samba/private/krb5.conf to /etc/
When i start samba with samba -i -M single
I got the following error:
root@hmsmbctx:/home/administrator# samba -i -M single
samba version 4.0.9-SerNet-Ubuntu-6.precise started.
Copyright Andrew Tridgell and the Samba Team 1992-2012
samba: using 'single' process model
Attempting to autogenerate TLS self-signed keys for https for hostname
'HMSMBCTX.hfmctx.hofmann-intern.de'
TLS self-signed keys generated OK
/usr/sbin/samba_dnsupdate: Traceback (most recent call last):
/usr/sbin/samba_dnsupdate: File "/usr/sbin/samba_dnsupdate", line 506,
in <module>
/usr/sbin/samba_dnsupdate: get_credentials(lp)
/usr/sbin/samba_dnsupdate: File "/usr/sbin/samba_dnsupdate", line 119,
in get_credentials
/usr/sbin/samba_dnsupdate: creds.get_named_ccache(lp, ccachename)
/usr/sbin/samba_dnsupdate: RuntimeError: kinit for
HMSMBCTX$@HFMCTX.HOFMANN-INTERN.DE failed (Cannot contact any KDC for
requested realm)
/usr/sbin/samba_dnsupdate:
../source4/dsdb/dns/dns_update.c:294: Failed DNS update -
NT_STATUS_ACCESS_DENIED
Whats going wrong ?
Thx in advance.
Alex
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Ryan Bair
Sep 9, 2013, 11:00:02 AM9/9/13
to
It looks like you're not pointing to yourself for DNS. Check to make sure
DNS is working correctly (especially the SRV kerberos records for this
issue).
> Copied /var/lib/samba/private/krb5.**conf to /etc/
DNS is working correctly (especially the SRV kerberos records for this
issue).
>
>
> When i start samba with samba -i -M single
>
> I got the following error:
>
>
> root@hmsmbctx:/home/**administrator# samba -i -M single
>
> When i start samba with samba -i -M single
>
> I got the following error:
>
>
> samba version 4.0.9-SerNet-Ubuntu-6.precise started.
> Copyright Andrew Tridgell and the Samba Team 1992-2012
> samba: using 'single' process model
> Attempting to autogenerate TLS self-signed keys for https for hostname '
> HMSMBCTX.hfmctx.hofmann-**intern.de<http://HMSMBCTX.hfmctx.hofmann-intern.de>
> Copyright Andrew Tridgell and the Samba Team 1992-2012
> samba: using 'single' process model
> Attempting to autogenerate TLS self-signed keys for https for hostname '
> '
> TLS self-signed keys generated OK
> /usr/sbin/samba_dnsupdate: Traceback (most recent call last):
> /usr/sbin/samba_dnsupdate: File "/usr/sbin/samba_dnsupdate", line 506,
> in <module>
> /usr/sbin/samba_dnsupdate: get_credentials(lp)
> /usr/sbin/samba_dnsupdate: File "/usr/sbin/samba_dnsupdate", line 119,
> in get_credentials
> /usr/sbin/samba_dnsupdate: creds.get_named_ccache(lp, ccachename)
> /usr/sbin/samba_dnsupdate: RuntimeError: kinit for HMSMBCTX$@
> HFMCTX.HOFMANN-**INTERN.DE <http://HFMCTX.HOFMANN-INTERN.DE> failed
> TLS self-signed keys generated OK
> /usr/sbin/samba_dnsupdate: Traceback (most recent call last):
> /usr/sbin/samba_dnsupdate: File "/usr/sbin/samba_dnsupdate", line 506,
> in <module>
> /usr/sbin/samba_dnsupdate: get_credentials(lp)
> /usr/sbin/samba_dnsupdate: File "/usr/sbin/samba_dnsupdate", line 119,
> in get_credentials
> /usr/sbin/samba_dnsupdate: creds.get_named_ccache(lp, ccachename)
> /usr/sbin/samba_dnsupdate: RuntimeError: kinit for HMSMBCTX$@
> (Cannot contact any KDC for requested realm)
> /usr/sbin/samba_dnsupdate:
> ../source4/dsdb/dns/dns_**update.c:294: Failed DNS update -
> /usr/sbin/samba_dnsupdate:
> NT_STATUS_ACCESS_DENIED
>
> Whats going wrong ?
>
> Thx in advance.
>
> Alex
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/**mailman/options/samba<https://lists.samba.org/mailman/options/samba>
>
> Whats going wrong ?
>
> Thx in advance.
>
> Alex
> --
> To unsubscribe from this list go to the following URL and read the
0 new messages