On 23 May 2010 19:32, Dmitry A. Khromov <da3...@mail.ru> wrote: > > Michael Wood <esiot...@gmail.com> wrote: >>I am not sure if this is the problem, but make sure the time is >>correct on both machines. I got what I think were similar errors when >>my VM decided to get 2 hours out of sync with reality. > > Time is synchronized via NTP and kinit works fine, however, I've done > ntpdate with dc0 for sure: > > dc1 samba # ntpdate dc0.klin.kifato-mk.com > 23 May 20:37:21 ntpdate[28533]: adjust time server 192.168.1.22 offset > -0.016606 sec > > Also I've noticed that after successful initial (first run after net > vampire) DNS records update I get the following in my samba.log: > -------------------------------------- > dc1 samba # cat var/samba.log | grep -A 2 -B 1 TSIG > [Sun May 23 14:02:18 2010 MSD, 0 > ../../lib/util/util_runcmd.c:288:samba_runcmd_io_handler()] > /usr/local/samba/sbin/samba_dnsupdate: ; TSIG error with server: tsig verify > failure > [Sun May 23 14:02:18 2010 MSD, 0 > ../../lib/util/util_runcmd.c:288:samba_runcmd_io_handler()] > /usr/local/samba/sbin/samba_dnsupdate: update failed: REFUSED > ----------[output truncated]----------
These are because your dynamic DNS updates are not correctly configured. I am not sure exactly how to configure this correctly. I thought I had it working and then found later that it actually wasn't. I suspect you will need to read the bind9 documentation and you might have to turn up named's debug level. > Also, I've tried to rejoin Samba (by deleting /usr/local/samba entirely, > invoking "metadata cleanup" in ntdsutil, deleting computer object in AD U&C > and cleaning up DNS entries), result is slightly different - the log still > floods with errors (more than 6 hours already). And yes, at least part of > replication is working - I may modify users/computers objects in AD U&C and > the changes will be synchronized in tens of seconds. However - I still want > to try Samba as the only DC in domain (and need to transfer roles before > demoting dc0). -- Michael Wood <esiot...@gmail.com> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
