Re: [Samba] samba 4 failed with kerberos error (ubuntu)

2013-09-09 Thread Ryan Bair 
It looks like you're not pointing to yourself for DNS. Check to make sure
DNS is working correctly (especially the SRV kerberos records for this
issue).


On Mon, Sep 9, 2013 at 4:31 AM, Alexander Busam <
a.bu...@hofmann-foerdertechnik.com> wrote:

> Hello!
>
> I tried to install samba 4 as described in the samba AD DC HOWTO.
>
> Here my configuration:
>
> ubuntu 12.04 server 64 bit server
>
> /etc/network/interfaces:
>
> # The loopback network interface
> auto lo
> iface lo inet loopback
>
> # The primary network interface
> auto eth0
> iface eth0 inet static
> address 192.168.1.19
> netmask 255.255.252.0
> up route add default gw 192.168.1.4
> dns-search hofmann-intern.de
> dns-nameservers 192.168.1.26
>
> /etc/hosts:
>
> 127.0.0.1   localhost
> 192.168.1.19hmsmbctx.hofmann-intern.de  hmsmbctx
>
> # The following lines are desirable for IPv6 capable hosts
> ::1 ip6-localhost ip6-loopback
> fe00::0 ip6-localnet
> ff00::0 ip6-mcastprefix
> ff02::1 ip6-allnodes
> ff02::2 ip6-allrouters
>
> I installed required software:
>
> apt-get install build-essential libacl1-dev libattr1-dev \
>   libblkid-dev libgnutls-dev libreadline-dev python-dev \
>   python-dnspython gdb pkg-config libpopt-dev libldap2-dev \
>   dnsutils libbsd-dev attr krb5-user docbook-xsl libcups2-dev acl
>
> and run the provisioning script:
>
> samba-tool domain provision --use-rfc2307 --interactive
>
> with internal-dns
>
> Copied  /var/lib/samba/private/krb5.**conf to /etc/
>
>
> When i start samba with samba -i -M single
>
> I got the following error:
>
>
> root@hmsmbctx:/home/**administrator# samba -i -M single
> samba version 4.0.9-SerNet-Ubuntu-6.precise started.
> Copyright Andrew Tridgell and the Samba Team 1992-2012
> samba: using 'single' process model
> Attempting to autogenerate TLS self-signed keys for https for hostname '
> HMSMBCTX.hfmctx.hofmann-**intern.de
> '
> TLS self-signed keys generated OK
> /usr/sbin/samba_dnsupdate: Traceback (most recent call last):
> /usr/sbin/samba_dnsupdate:   File "/usr/sbin/samba_dnsupdate", line 506,
> in 
> /usr/sbin/samba_dnsupdate: get_credentials(lp)
> /usr/sbin/samba_dnsupdate:   File "/usr/sbin/samba_dnsupdate", line 119,
> in get_credentials
> /usr/sbin/samba_dnsupdate: creds.get_named_ccache(lp, ccachename)
> /usr/sbin/samba_dnsupdate: RuntimeError: kinit for HMSMBCTX$@
> HFMCTX.HOFMANN-**INTERN.DE  failed
> (Cannot contact any KDC for requested realm)
> /usr/sbin/samba_dnsupdate:
> ../source4/dsdb/dns/dns_**update.c:294: Failed DNS update -
> NT_STATUS_ACCESS_DENIED
>
> Whats going wrong ?
>
> Thx in advance.
>
> Alex
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  
> https://lists.samba.org/**mailman/options/samba
>
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] samba 4 failed with kerberos error (ubuntu)

2013-09-09 Thread Alexander Busam 

Hello!

I tried to install samba 4 as described in the samba AD DC HOWTO.

Here my configuration:

ubuntu 12.04 server 64 bit server

/etc/network/interfaces:

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.1.19
netmask 255.255.252.0
up route add default gw 192.168.1.4
dns-search hofmann-intern.de
dns-nameservers 192.168.1.26

/etc/hosts:

127.0.0.1   localhost
192.168.1.19hmsmbctx.hofmann-intern.de  hmsmbctx

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

I installed required software:

apt-get install build-essential libacl1-dev libattr1-dev \
  libblkid-dev libgnutls-dev libreadline-dev python-dev \
  python-dnspython gdb pkg-config libpopt-dev libldap2-dev \
  dnsutils libbsd-dev attr krb5-user docbook-xsl libcups2-dev acl

and run the provisioning script:

samba-tool domain provision --use-rfc2307 --interactive

with internal-dns

Copied  /var/lib/samba/private/krb5.conf to /etc/


When i start samba with samba -i -M single

I got the following error:


root@hmsmbctx:/home/administrator# samba -i -M single
samba version 4.0.9-SerNet-Ubuntu-6.precise started.
Copyright Andrew Tridgell and the Samba Team 1992-2012
samba: using 'single' process model
Attempting to autogenerate TLS self-signed keys for https for hostname 
'HMSMBCTX.hfmctx.hofmann-intern.de'

TLS self-signed keys generated OK
/usr/sbin/samba_dnsupdate: Traceback (most recent call last):
/usr/sbin/samba_dnsupdate:   File "/usr/sbin/samba_dnsupdate", line 506, 
in 

/usr/sbin/samba_dnsupdate: get_credentials(lp)
/usr/sbin/samba_dnsupdate:   File "/usr/sbin/samba_dnsupdate", line 119, 
in get_credentials

/usr/sbin/samba_dnsupdate: creds.get_named_ccache(lp, ccachename)
/usr/sbin/samba_dnsupdate: RuntimeError: kinit for 
HMSMBCTX$@HFMCTX.HOFMANN-INTERN.DE failed (Cannot contact any KDC for 
requested realm)

/usr/sbin/samba_dnsupdate:
../source4/dsdb/dns/dns_update.c:294: Failed DNS update - 
NT_STATUS_ACCESS_DENIED


Whats going wrong ?

Thx in advance.

Alex
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba