Hi,Rowland!
Thank you for your help.
Change the dns server to the samba server make things better. But
still not working.
root@f10:/etc # /usr/local/samba/sbin/samba -i -M single
samba version 4.1.0pre1-GIT-e6a100e started.
Copyright Andrew Tridgell and the Samba Team 1992-2012
samba: using 'single' process model
/usr/local/samba/sbin/samba_dnsupdate: /usr/bin/nsupdate: cannot
specify -gor -o, program not linked with GSS API Library
/usr/local/samba/sbin/samba_dnsupdate: /usr/bin/nsupdate: cannot
specify -gor -o, program not linked with GSS API Library
/usr/local/samba/sbin/samba_dnsupdate: /usr/bin/nsupdate: cannot
specify -gor -o, program not linked with GSS API Library
../source4/dsdb/dns/dns_update.c:294: Failed DNS update -
NT_STATUS_UNSUCCESSFUL
^C
root@f10:/etc # cat /etc/resolv.conf
domain f10.pcccom.ca
nameserver 127.0.0.1
root@f10:/etc # /usr/local/samba/sbin/samba -i -M single
samba version 4.1.0pre1-GIT-e6a100e started.
Copyright Andrew Tridgell and the Samba Team 1992-2012
samba: using 'single' process model
../source4/dsdb/dns/dns_update.c:294: Failed DNS update -
NT_STATUS_IO_TIMEOUT
^C
root@f10:/etc # cat /etc/resolv.conf
domain f10.pcccom.ca
nameserver 192.1681.1.100
root@f10:/etc # ifconfig
re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu
1500
options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
ether 90:e6:ba:88:db:31
inet 192.168.1.100 netmask 0xffffff00 broadcast 192.168.1.255
inet6 fe80::92e6:baff:fe88:db31%re0 prefixlen 64 scopeid 0x1
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
> Date: Mon, 19 Nov 2012 16:33:24 +0000
> From: rpe...@f2s.com
> To: samba@lists.samba.org
> Subject: Re: [Samba] Samba4 in FreeBSD 9 i386 for Domain controller
not working. Samba version 4.1.0 pre1-GIT cf15406
>
> On 19/11/12 02:50, Pccom Frank wrote:
> > Thank you Andrew!
> > You are right. Let FreeBSD start its own Kerberos does not make
sense since
> > Samba4 has its own Kerberos.
> > I can not get Samba4's Kerberos working.
> > The following is the message I run Samba4.
> >
> > I am using the Samba4's internal DNS.
> > I copied krb5.conf from /usr/local/samba/private to /etc after I run
> > samba-tool domain provision.
> >
> >
> >
> > root@f10:/usr/local/samba/sbin # ./samba -i -M single
> > samba version 4.1.0pre1-GIT-e6a100e started.
> > Copyright Andrew Tridgell and the Samba Team 1992-2012
> > samba: using 'single' process model
> > /usr/local/samba/sbin/samba_dnsupdate: Traceback (most recent
call last):
> > /usr/local/samba/sbin/samba_dnsupdate: File
> > "/usr/local/samba/sbin/samba_dnsupdate", line 507, in <module>
> > /usr/local/samba/sbin/samba_dnsupdate: get_credentials(lp)
> > /usr/local/samba/sbin/samba_dnsupdate: File
> > "/usr/local/samba/sbin/samba_dnsupdate", line 121, in
get_credentials
> > /usr/local/samba/sbin/samba_dnsupdate: creds.get_named_ccache(lp,
> > ccachename)
> > /usr/local/samba/sbin/samba_dnsupdate: RuntimeError: kinit for F10$@
> > F10.PCCOM.CA failed (Cannot contact any KDC for requested realm)
> > /usr/local/samba/sbin/samba_dnsupdate:
> > ../source4/dsdb/dns/dns_update.c:294: Failed DNS update -
> > NT_STATUS_ACCESS_DENIED
> >
> >
> >
> > root@f10:/usr/local/samba/sbin # uname -a
> > FreeBSD f10 10.0-CURRENT FreeBSD 10.0-CURRENT #0: Sat Oct 6
04:49:30 UTC
> > 2012
r...@build-i386-fbsd-2.allbsd.org:/usr/obj/i386.i386/usr/src/sys/GENERIC
> > i386
> >
> >
> > root@f10:/usr/local/samba/sbin # cat /etc/resolv.conf
> > domain f10.pcccom.ca
> > nameserver 192.168.1.1
> >
> > root@f10:/usr/local/samba/sbin # nslookup samba.org
> > Server: 192.168.1.1
> > Address: 192.168.1.1#53
> >
> > Non-authoritative answer:
> > Name: samba.org
> > Address: 216.83.154.106
> >
> > It looks the DNS server has no problem.
> >
> > Please help me out!
> >
> > On Sun, Nov 18, 2012 at 6:38 PM, Andrew Bartlett
<abart...@samba.org> wrote:
> >
> >> On Fri, 2012-11-16 at 16:42 -0500, Pccom Frank wrote:
> >>> Hi, Samab gurus!
> >>>
> >>> I tried to make Samba4 work on FreeBSD 9.1 i386 but failed to
join an XP
> >>> computer to the domain.
> >>>
> >>> What I did is:
> >>>
> >>> 1, git clone git://git.samba.org/samba.git samba-master
> >>>
> >>> 2, cd /usr/local/samba-master
> >>> 3, ./configure --enable-debug --enable-selftest && make && make
install
> >>> 4, /usr/local/samba/sbin/samba-tool domain provision
> >>> --realm=xyz.pccom.ca--domain=dcxyz --adminpass='123456'
> >>> --server-role=dc
> >>> 5, cp /usr/local/samba/private/krb.conf /etc
> >> What suggested that you should do this?
> >>
> >>> 6, echo 'kerberos5_server_enable="YES"' >> /etc/rc.conf
> >>> 7, echo 'kadmind5_server_enable="YES"' >> /etc/rc.conf
> >> This step is not included in any official Samba HOWTO.
> >>
> >>> 8, echo 'domain xyz.pccom.ca' >> /etc/resolv.conf
> >>> the dns server keep the same as before.
> >>> 9, /usr/local/samba/bin/samba -i -M single
> >>>
> >>> I found
> >>>
> >>> "Failed to bind to 192.168.1.248
UDP_NT_ADDRESS_ALREADY_ASSOCIATED"
> >> Our KDC cannot start because you enabled a different KDC and it is
> >> listening on port 88 already.
> >>
> >> Andrew Bartlett
> >>
> >> --
> >> Andrew Bartlett http://samba.org/~abartlet/
> >> Authentication Developer, Samba Team http://samba.org
> >>
> >>
> >>
> Hello, is the ipaddress of the samba 4 server 192.168.1.1 ? because
> earlier you had a problem connecting to the KDC on 192.168.1.248
> If 192.168.1.1 is a different machine, then alter the nameserver
line in
> /etc/resolv.conf to point to either your samba4 servers ipaddress or
> 127.0.0.1
>
> Rowland
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
--
This message has been scanned for viruses and
dangerous content by *MailScanner* <http://www.mailscanner.info/>,
and is
believed to be clean.
