> Is 10.37.55.20 the wrong IP address? Is that not the host on which
> Samba is installed?

It absolutely is: samba4, bind and kinit are all running on the same
server, whose IP address for eth0 is 10.37.55.20. Again, during
installation the server was given the static IP settings address
10.37.55.20, netmask 255.255.255.0, gateway 10.37.55.1, nameserver
10.37.55.20. You can see the resulting ifconfig -a output in comment
#2. I can't see any problems in connecting from the server to itself as
10.37.55.20, or indeed as blackbox.irishtown.localonly.rvcomerford.ie -
ping, ssh and DNS requests all work fine. (They all work fine from other
machines on the local network, too.) Also, the ICMP error message comes
from source 10.37.55.20, it's a 'port unreachable' rather than 'host
unreachable' message, and in fact lsof confirms (see comment #5) that
there is no process listening on 10.37.55.20:88 UDP.

Speaking of which, I have discovered that starting the server with the
Ethernet cable disconnected causes it to start with samba processes
listening on port 88 UDP (UDP Kerberos) and port 389 UDP (UDP LDAP):

leo@blackbox:~$ sudo lsof | grep UDP
samba     1031            root   22u     IPv4               8563      0t0  UDP *:netbios-ns
samba     1031            root   23u     IPv4               8564      0t0  UDP *:netbios-dgm
samba     1031            root   24u     IPv4               8565      0t0  UDP 10.37.55.255:netbios-ns
samba     1031            root   25u     IPv4               8566      0t0  UDP blackbox:netbios-ns
samba     1031            root   26u     IPv4               8567      0t0  UDP 10.37.55.255:netbios-dgm
samba     1031            root   27u     IPv4               8568      0t0  UDP blackbox:netbios-dgm
samba     1035            root   22u     IPv4               8591      0t0  UDP *:ldap
samba     1035            root   23u     IPv4               8592      0t0  UDP blackbox:ldap
samba     1036            root   23u     IPv4               8600      0t0  UDP *:kerberos
samba     1036            root   25u     IPv4               8602      0t0  UDP *:kpasswd
samba     1036            root   26u     IPv4               8603      0t0  UDP blackbox:kerberos
samba     1036            root   27u     IPv4               8604      0t0  UDP blackbox:kpasswd
named     1188            bind  512u     IPv6               8730      0t0  UDP *:domain
named     1188            bind  513u     IPv4               8735      0t0  UDP localhost:domain
named     1188            bind  514u     IPv4               8737      0t0  UDP blackbox:domain
named     1188            bind  515u     IPv4              10205      0t0  UDP 192.168.122.1:domain
dnsmasq   1313 libvirt-dnsmasq    5u     IPv4              10229      0t0  UDP *:bootps
dnsmasq   1313 libvirt-dnsmasq    6u     IPv4              10234      0t0  UDP 192.168.122.1:domain
leo@blackbox:~$ sudo lsof | grep TCP
samba     1029            root   22u     IPv4               8536      0t0  TCP *:microsoft-ds (LISTEN)
samba     1029            root   23u     IPv4               8537      0t0  TCP *:netbios-ssn (LISTEN)
samba     1030            root   36u     IPv4               8578      0t0  TCP *:1024 (LISTEN)
samba     1030            root   39u     IPv4               8584      0t0  TCP *:loc-srv (LISTEN)
samba     1034            root   23u     IPv4              10513      0t0  TCP *:ldap (LISTEN)
samba     1034            root   24u     IPv4              10514      0t0  TCP *:ldaps (LISTEN)
samba     1034            root   25u     IPv4              10515      0t0  TCP *:3268 (LISTEN)
samba     1034            root   26u     IPv4              10516      0t0  TCP *:3269 (LISTEN)
samba     1036            root   22u     IPv4               8599      0t0  TCP *:kerberos (LISTEN)
samba     1036            root   24u     IPv4               8601      0t0  TCP *:kpasswd (LISTEN)
named     1188            bind   20u     IPv6               8731      0t0  TCP *:domain (LISTEN)
named     1188            bind   21u     IPv4               8736      0t0  TCP localhost:domain (LISTEN)
named     1188            bind   22u     IPv4               8738      0t0  TCP blackbox:domain (LISTEN)
named     1188            bind   23u     IPv4              10202      0t0  TCP localhost:953 (LISTEN)
named     1188            bind   24u     IPv6              10203      0t0  TCP ip6-localhost:953 (LISTEN)
dnsmasq   1313 libvirt-dnsmasq    7u     IPv4              10235      0t0  TCP 192.168.122.1:domain (LISTEN)
sshd      3967            root    3r     IPv4              19263      0t0  TCP *:ssh (LISTEN)
sshd      3967            root    4u     IPv6              19265      0t0  TCP *:ssh (LISTEN)
sshd      4385            root    3r     IPv4              23873      0t0  TCP blackbox:ssh->10.37.55.21:51729 (ESTABLISHED)
sshd      4570             leo    3u     IPv4              23873      0t0  TCP blackbox:ssh->10.37.55.21:51729 (ESTABLISHED)
sshd      4696            root    3r     IPv4              24206      0t0  TCP blackbox:ssh->10.37.55.21:51751 (ESTABLISHED)
sshd      4838             leo    3u     IPv4              24206      0t0  TCP blackbox:ssh->10.37.55.21:51751 (ESTABLISHED)

The samba processes remain listening on UDP 88 and UDP 389 when the
network cable is plugged in and eth0 starts working again. Stopping and
restarting the network interfaces using ifup and ifdown does not have
the same effect of causing samba4 to start listening to these UDP ports.
With a samba process listening at UDP 88, kinit fails in a different
way, receiving a Kerberos error response from UDP 88 then making a
number of failed DNS lookups. Here's the command line output:

leo@blackbox:~$ sudo kinit -V administra...@irishtown.localonly.rvcomerford.ie
Using default cache: /tmp/krb5cc_0
Using principal: administra...@irishtown.localonly.rvcomerford.ie
Password for administra...@irishtown.localonly.rvcomerford.ie:
kinit: Generic preauthentication failure while getting initial credentials

It doesn't seem to matter if one enters the password correctly - though
I'm not absolutely sure due to how long the password is... The first ten
packets (up to and including the first 'No such name' response from DNS)
are sent and received before anything is entered at the password prompt;
the eleventh packet is sent after you press Enter at the password
prompt. The lo capture is attached as comment #12. (Again there seem to
be no relevant packets on eth0 or virbr0.)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/976138

Title:
  kerberos setup fails, with broken krb5.conf

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/samba4/+bug/976138/+subscriptions
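
The listener check described in the message above, as an added example that is not part of the original bug comment: it parses lsof socket rows and reports which required UDP ports have no socket bound on the wildcard or on the server's own name or address. The sample rows, the SERVICES table and the function names are constructed for illustration.

```python
import re

# Service names lsof prints when it is run without -P, mapped to port numbers.
SERVICES = {"kerberos": "88", "ldap": "389", "kpasswd": "464"}

# COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME. \s+ also matches a
# newline, so rows whose NODE/NAME part wrapped onto the next line still parse.
ROW = re.compile(
    r"^\S+\s+\d+\s+\S+\s+\S+\s+IPv[46]\s+\S+\s+\S+\s+(?P<proto>UDP|TCP)\s+"
    r"(?P<addr>\*|\[[^\]]+\]|[^\s:]+):(?P<port>[\w-]+?)(?=->|\s|$)(?P<rest>[^\n]*)",
    re.MULTILINE,
)

def bound_sockets(lsof_text):
    """Map (proto, port) to the local addresses that have a bound socket."""
    found = {}
    for m in ROW.finditer(lsof_text):
        if m["rest"].startswith("->"):  # connected socket, not a listener
            continue
        port = SERVICES.get(m["port"], m["port"])
        found.setdefault((m["proto"], port), set()).add(m["addr"])
    return found

def missing_listeners(lsof_text, required, local_names):
    """Return the required (proto, port) pairs with no socket on '*' or local_names."""
    sockets = bound_sockets(lsof_text)
    reachable = {"*"} | set(local_names)
    return [r for r in required if not sockets.get(r, set()) & reachable]

# Constructed samples. BROKEN: TCP listeners only. WORKING: UDP sockets present,
# with rows wrapped across two lines, as mail archives often render lsof output.
BROKEN = """\
samba  1034  root  23u  IPv4  10513  0t0  TCP *:ldap (LISTEN)
samba  1036  root  22u  IPv4   8599  0t0  TCP *:kerberos (LISTEN)
sshd   4385  root   3r  IPv4  23873  0t0  TCP blackbox:ssh->10.37.55.21:51729 (ESTABLISHED)
"""
WORKING = BROKEN + """\
samba  1035  root  22u  IPv4   8591  0t0
 UDP *:ldap
samba  1036  root  26u  IPv4   8603  0t0
 UDP blackbox:kerberos
"""
REQUIRED = [("UDP", "88"), ("UDP", "389")]

if __name__ == "__main__":
    for label, text in (("broken", BROKEN), ("working", WORKING)):
        print(label, missing_listeners(text, REQUIRED, {"blackbox", "10.37.55.20"}))
```

A socket bound only to localhost counts as missing here, because a client that resolves the KDC to 10.37.55.20 still gets ICMP port unreachable from it.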
