This is a common error. https://wiki.samba.org/index.php/Dns_tkey_negotiategss:_TKEY_is_unacceptable Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Bart??omiej Solarz-Nies??uchowski via samba > Verzonden: maandag 16 september 2019 14:09 > Aan: samba at lists.samba.org > CC: ubi >> Maciej Wysocki [WSISiZ]; Bart??omiej Solarz > Onderwerp: Re: [Samba] Migrating Samba NT4 Domain to Samba AD > > W dniu 2019-09-15 o?21:33, Bart??omiej Solarz-Nies??uchowski > via samba pisze: > > W dniu 2019-09-15 o?21:27, Rowland penny via samba pisze: > >> On 15/09/2019 20:19, Bart??omiej Solarz-Nies??uchowski wrote: > >>>> What OS is this and what Samba packages did you install ? > >>>> > >>> [root at oceanic etc]# which ldbsearch > >>> /usr/bin/ldbsearch > >>> [root at oceanic etc]# rpm -qf /usr/bin/ldbsearch > >>> ldb-tools-1.5.5-1.fc30.x86_64 > >>> > >> Is your DC Running Fedora ? > >> > >> If so, then I am sorry, but I must advise you that running > a Samba AD > >> DC on Fedora is experimental due to the use of MIT > kerberos and you > >> should not use it in production. > > > > OK so which OS can be used? centos will be ok? > > I install system on Centos 7 + samba-ad from > http://samba.tranquil.it/centos7/ and.... the same problems > > kerberos is MIT > > bind does not accept dns updates: > > dns_tkey_negotiategss: TKEY is unacceptable > Failed nsupdate: 1 > Failed update of 34 entries > > > So now I try different OS..... > > > > > > >> > >> Rowland > >> > >> > >> > > > > -- > Bart??omiej Solarz-Nies??uchowski, Administrator WSISiZ > e-mail: Bartlomiej.Solarz-Niesluchowski at wit.edu.pl > tel. 223486547, fax 223486501 > JID: solarz at jabber.wit.edu.pl > 01-447 Warszawa, ul. Newelska 6, pok?j 421, pon.-pt. 8-16 > Motto - Jak sobie po??cielisz tak sie wy??pisz > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >
Bartłomiej Solarz-Niesłuchowski
2019-Sep-16 12:36 UTC
[Samba] Migrating Samba NT4 Domain to Samba AD
W dniu 2019-09-16 o?14:13, L.P.H. van Belle via samba pisze:> This is a common error. > > https://wiki.samba.org/index.php/Dns_tkey_negotiategss:_TKEY_is_unacceptableCommon but I tested everything as in this manual and found NONE errors but it still not works.... -- Bart?omiej Solarz-Nies?uchowski, Administrator WSISiZ e-mail: Bartlomiej.Solarz-Niesluchowski at wit.edu.pl tel. 223486547, fax 223486501 JID: solarz at jabber.wit.edu.pl 01-447 Warszawa, ul. Newelska 6, pok?j 421, pon.-pt. 8-16 Motto - Jak sobie po?cielisz tak sie wy?pisz
Well it was worth checking.. We just dont know what you already checked.. Then all i can say now is, or a different OS, or try Vincent's his packages. I see that is should support AD-DC, but I really dont know. I only do debian/ubuntu. At least it looks like it. (from : http://nova.polymtl.ca/~coyote/dist/samba/samba-4.10.8/RHEL7/SPECS/samba-v410x.spec ) %description dc The samba-dc package provides AD Domain Controller functionality -- See: http://nova.polymtl.ca/~coyote/dist/samba/samba-4.10.8 http://nova.polymtl.ca/~coyote/dist/samba/samba-4.9.13 ,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-, Maintained by : Vincent S. Cojot, -- Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Bart??omiej Solarz-Nies??uchowski via samba > Verzonden: maandag 16 september 2019 14:36 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] Migrating Samba NT4 Domain to Samba AD > > W dniu 2019-09-16 o?14:13, L.P.H. van Belle via samba pisze: > > This is a common error. > > > > > https://wiki.samba.org/index.php/Dns_tkey_negotiategss:_TKEY_is_unacceptable> > Common but I tested everything as in this manual and found > NONE errors > but it still not works.... > > > -- > Bart??omiej Solarz-Nies??uchowski, Administrator WSISiZ > e-mail: Bartlomiej.Solarz-Niesluchowski at wit.edu.pl > tel. 223486547, fax 223486501 > JID: solarz at jabber.wit.edu.pl > 01-447 Warszawa, ul. Newelska 6, pok?j 421, pon.-pt. 8-16 > Motto - Jak sobie po??cielisz tak sie wy??pisz > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >
On 16/09/2019 15:04, L.P.H. van Belle via samba wrote:> Well it was worth checking.. We just dont know what you already checked.. > > Then all i can say now is, or a different OS, or try Vincent's his packages. > I see that is should support AD-DC, but I really dont know. I only do debian/ubuntu. > At least it looks like it. > > (from : http://nova.polymtl.ca/~coyote/dist/samba/samba-4.10.8/RHEL7/SPECS/samba-v410x.spec ) > %description dc > The samba-dc package provides AD Domain Controller functionality >The problem with this list is that 90% of the users do not use red-hat based distros, so everything is usually based around Debian based distros. I think we need to fall back to checking how the OP has set up his OS, we need to see the contents of the following files: /etc/hostname /etc/hosts /etc/resolv.conf /etc/krb5.conf /etc/samba/smb.conf And the output of these commands: hostname -s hostname -d hostname -i Rowland