On 15/09/2019 20:19, Bart?omiej Solarz-Nies?uchowski wrote:>> What OS is this and what Samba packages did you install ? >> > [root at oceanic etc]# which ldbsearch > /usr/bin/ldbsearch > [root at oceanic etc]# rpm -qf /usr/bin/ldbsearch > ldb-tools-1.5.5-1.fc30.x86_64 >Is your DC Running Fedora ? If so, then I am sorry, but I must advise you that running a Samba AD DC on Fedora is experimental due to the use of MIT kerberos and you should not use it in production. Rowland
Bartłomiej Solarz-Niesłuchowski
2019-Sep-15 19:33 UTC
[Samba] Migrating Samba NT4 Domain to Samba AD
W dniu 2019-09-15 o?21:27, Rowland penny via samba pisze:> On 15/09/2019 20:19, Bart?omiej Solarz-Nies?uchowski wrote: >>> What OS is this and what Samba packages did you install ? >>> >> [root at oceanic etc]# which ldbsearch >> /usr/bin/ldbsearch >> [root at oceanic etc]# rpm -qf /usr/bin/ldbsearch >> ldb-tools-1.5.5-1.fc30.x86_64 >> > Is your DC Running Fedora ? > > If so, then I am sorry, but I must advise you that running a Samba AD > DC on Fedora is experimental due to the use of MIT kerberos and you > should not use it in production.OK so which OS can be used? centos will be ok?> > Rowland > > >-- Bart?omiej Solarz-Nies?uchowski, Administrator WSISiZ e-mail: Bartlomiej.Solarz-Niesluchowski at wit.edu.pl tel. 223486547, fax 223486501 JID: solarz at jabber.wit.edu.pl 01-447 Warszawa, ul. Newelska 6, pok?j 421, pon.-pt. 8-16 Motto - Jak sobie po?cielisz tak sie wy?pisz
On 15/09/2019 20:33, Bart?omiej Solarz-Nies?uchowski wrote:> W dniu 2019-09-15 o?21:27, Rowland penny via samba pisze: >> On 15/09/2019 20:19, Bart?omiej Solarz-Nies?uchowski wrote: >>>> What OS is this and what Samba packages did you install ? >>>> >>> [root at oceanic etc]# which ldbsearch >>> /usr/bin/ldbsearch >>> [root at oceanic etc]# rpm -qf /usr/bin/ldbsearch >>> ldb-tools-1.5.5-1.fc30.x86_64 >>> >> Is your DC Running Fedora ? >> >> If so, then I am sorry, but I must advise you that running a Samba AD >> DC on Fedora is experimental due to the use of MIT kerberos and you >> should not use it in production. > > OK so which OS can be used? centos will be ok?Not using the OS packages, you cannot provision a Samba DC using the standard Centos Samba packages. There are a couple of guys who post on here that provide Centos packages, search the Samba mailing list archives. You could do what I do, use a Debian based OS and the Samba packages from here: http://apt.van-belle.nl/ Louis is another member of the Samba Team and he releases the packages that he uses in production and if you want to keep Samba up to date, then you could do worse ;-) Rowland
Bartłomiej Solarz-Niesłuchowski
2019-Sep-16 12:09 UTC
[Samba] Migrating Samba NT4 Domain to Samba AD
W dniu 2019-09-15 o?21:33, Bart?omiej Solarz-Nies?uchowski via samba pisze:> W dniu 2019-09-15 o?21:27, Rowland penny via samba pisze: >> On 15/09/2019 20:19, Bart?omiej Solarz-Nies?uchowski wrote: >>>> What OS is this and what Samba packages did you install ? >>>> >>> [root at oceanic etc]# which ldbsearch >>> /usr/bin/ldbsearch >>> [root at oceanic etc]# rpm -qf /usr/bin/ldbsearch >>> ldb-tools-1.5.5-1.fc30.x86_64 >>> >> Is your DC Running Fedora ? >> >> If so, then I am sorry, but I must advise you that running a Samba AD >> DC on Fedora is experimental due to the use of MIT kerberos and you >> should not use it in production. > > OK so which OS can be used? centos will be ok?I install system on Centos 7 + samba-ad from http://samba.tranquil.it/centos7/ and.... the same problems kerberos is MIT bind does not accept dns updates: dns_tkey_negotiategss: TKEY is unacceptable Failed nsupdate: 1 Failed update of 34 entries So now I try different OS.....> > >> >> Rowland >> >> >> >-- Bart?omiej Solarz-Nies?uchowski, Administrator WSISiZ e-mail: Bartlomiej.Solarz-Niesluchowski at wit.edu.pl tel. 223486547, fax 223486501 JID: solarz at jabber.wit.edu.pl 01-447 Warszawa, ul. Newelska 6, pok?j 421, pon.-pt. 8-16 Motto - Jak sobie po?cielisz tak sie wy?pisz
This is a common error. https://wiki.samba.org/index.php/Dns_tkey_negotiategss:_TKEY_is_unacceptable Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Bart??omiej Solarz-Nies??uchowski via samba > Verzonden: maandag 16 september 2019 14:09 > Aan: samba at lists.samba.org > CC: ubi >> Maciej Wysocki [WSISiZ]; Bart??omiej Solarz > Onderwerp: Re: [Samba] Migrating Samba NT4 Domain to Samba AD > > W dniu 2019-09-15 o?21:33, Bart??omiej Solarz-Nies??uchowski > via samba pisze: > > W dniu 2019-09-15 o?21:27, Rowland penny via samba pisze: > >> On 15/09/2019 20:19, Bart??omiej Solarz-Nies??uchowski wrote: > >>>> What OS is this and what Samba packages did you install ? > >>>> > >>> [root at oceanic etc]# which ldbsearch > >>> /usr/bin/ldbsearch > >>> [root at oceanic etc]# rpm -qf /usr/bin/ldbsearch > >>> ldb-tools-1.5.5-1.fc30.x86_64 > >>> > >> Is your DC Running Fedora ? > >> > >> If so, then I am sorry, but I must advise you that running > a Samba AD > >> DC on Fedora is experimental due to the use of MIT > kerberos and you > >> should not use it in production. > > > > OK so which OS can be used? centos will be ok? > > I install system on Centos 7 + samba-ad from > http://samba.tranquil.it/centos7/ and.... the same problems > > kerberos is MIT > > bind does not accept dns updates: > > dns_tkey_negotiategss: TKEY is unacceptable > Failed nsupdate: 1 > Failed update of 34 entries > > > So now I try different OS..... > > > > > > >> > >> Rowland > >> > >> > >> > > > > -- > Bart??omiej Solarz-Nies??uchowski, Administrator WSISiZ > e-mail: Bartlomiej.Solarz-Niesluchowski at wit.edu.pl > tel. 223486547, fax 223486501 > JID: solarz at jabber.wit.edu.pl > 01-447 Warszawa, ul. Newelska 6, pok?j 421, pon.-pt. 8-16 > Motto - Jak sobie po??cielisz tak sie wy??pisz > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >