Dear all, I do a lot of testing with samba4 at this time. Set up a samba 4 server on centos 6.3 working just fine. Now tried to join a second samba4 to the existing domain by : samba-tool domain join tplechler DC -Uadministrator --realm=tplechler.kkh --dns-backend=BIND9_DLZ This worked without any errors. But samba_dnsupdate --verbose --all-names ends up with errors:
dns_tkey_negotiategss: TKEY is unacceptable Failed nsupdate: 1 Failed update of 20 entries The dns-keytab file was generated on domain joining!? samba-tool drs showrepl is ok: Default-First-Site-Name\SAMBA4 DSA Options: 0x00000001 DSA object GUID: 9ed1322c-6044-4e17-b109-ce2809a52487 DSA invocationId: c2a9094f-afa6-4904-a5d3-b341be2b919d ==== INBOUND NEIGHBORS ==== CN=Schema,CN=Configuration,DC=tplechler,DC=kkh Default-First-Site-Name\LINUX2 via RPC DSA object GUID: a6f6ec2d-5b27-4dff-a2fc-581488411b99 Last attempt @ Tue Mar 12 10:02:29 2013 CET was successful 0 consecutive failure(s). Last success @ Tue Mar 12 10:02:29 2013 CET DC=ForestDnsZones,DC=tplechler,DC=kkh Default-First-Site-Name\LINUX2 via RPC DSA object GUID: a6f6ec2d-5b27-4dff-a2fc-581488411b99 Last attempt @ Tue Mar 12 10:02:29 2013 CET was successful 0 consecutive failure(s). Last success @ Tue Mar 12 10:02:29 2013 CET DC=tplechler,DC=kkh Default-First-Site-Name\LINUX2 via RPC DSA object GUID: a6f6ec2d-5b27-4dff-a2fc-581488411b99 Last attempt @ Tue Mar 12 10:02:29 2013 CET was successful 0 consecutive failure(s). Last success @ Tue Mar 12 10:02:29 2013 CET CN=Configuration,DC=tplechler,DC=kkh Default-First-Site-Name\LINUX2 via RPC DSA object GUID: a6f6ec2d-5b27-4dff-a2fc-581488411b99 Last attempt @ Tue Mar 12 10:02:29 2013 CET was successful 0 consecutive failure(s). Last success @ Tue Mar 12 10:02:29 2013 CET DC=DomainDnsZones,DC=tplechler,DC=kkh Default-First-Site-Name\LINUX2 via RPC DSA object GUID: a6f6ec2d-5b27-4dff-a2fc-581488411b99 Last attempt @ Tue Mar 12 10:02:29 2013 CET was successful 0 consecutive failure(s). Last success @ Tue Mar 12 10:02:29 2013 CET ==== OUTBOUND NEIGHBORS ==== ==== KCC CONNECTION OBJECTS ==== Connection -- Connection name: 7dcfeeaa-a228-4275-bce6-bba8f787a350 Enabled : TRUE Server DNS name : linux2.tplechler.kkh Server DN name : CN=NTDS Settings,CN=LINUX2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=tplechler,DC=kkh TransportType: RPC options: 0x00000001 Warning: No NC replicated for Connection! ----------------------------------------------- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de ----------------------------------------------- -----Ursprüngliche Nachricht----- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Andrew Bartlett Gesendet: Montag, 11. März 2013 23:34 An: d tbsky Cc: samba@lists.samba.org Betreff: Re: [Samba] samba4 AD DC as file server? On Tue, 2013-03-12 at 01:30 +0800, d tbsky wrote: > hi: > I want to setup a small samba4 server with AD and file server function. > I know that samba4 AD DC has no netbios browsing support. are there > other missing functions, like winbindd or something else? The next release will include this patch, which avoids mistakenly creating world-writeable files in additional file shares. > and if I install two samba4 instance, one to "/usr/local/samba"(for > file server), one to "/usr/local/samba-ad"(for AD DC). and give them > two seprate ip to bind. will it work better? No, it would need to be a different virtual machine (you can only have one winbind per machine, and the different winbind is most important difference between the operating modes). Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba