thr3ads.net - samba - [Samba] Ubuntu DC dns update failure [Jun 2014]

If this information is useful, please help other people find it:
Share via:

steve

2014-Jun-05 18:38 UTC

[Samba] Ubuntu DC dns update failure

Hi
Lubuntu 14.04 with bind9 and the samba 4.1.8 tarball
All seems well. However, 2 errors:

1. upon starting samba:
samba: setproctitle not initialized, please either call
setproctitle_init() or link against libbsd-ctor.

2. samba_dnsupdate
- error from samba:
../source4/dsdb/dns/dns_update.c:294: Failed DNS update -
NT_STATUS_IO_TIMEOUT

- error whilst running samba_dnsupdate:
Looking for DNS entry SRV
_gc._tcp.default-first-site-name._sites.altea.site palmera.altea.site
3268 as _gc._tcp.default-first-site-name._sites.altea.site.
Checking 0 100 3268 palmera.altea.site. against SRV
_gc._tcp.default-first-site-name._sites.altea.site palmera.altea.site
3268
Traceback (most recent call last):
  File "/usr/local/samba/sbin/samba_dnsupdate", line 510, in
<module>
    get_credentials(lp)
  File "/usr/local/samba/sbin/samba_dnsupdate", line 123, in
get_credentials
    raise e
RuntimeError: kinit for PALMERA$@ALTEA.SITE failed (Cannot contact any
KDC for requested realm)

/etc/hosts
127.0.0.1 localhost
192.168.1.132 palmera.altea.site palmera

/etc/resolv.conf
nameserver 192.168.1.132
search altea.site

/etc/hostname
palmera.altea.site

 /etc/krb5.conf
[libdefaults]
	default_realm = ALTEA.SITE
	dns_lookup_realm = false
	dns_lookup_kdc = true
[realms]
  ALTEA.SITE = {
  kdc = palmera.altea.site:88
 }

apparmor is not running


hostname -d -s and -d all return correctly
bind 9 loads the samba_dlz partitions OK
all the dns checks in the howto pass OK

It seems that it's failing getting a ticket using the machine key,
however we can kinit using secrets.keytab fine.

Here is private:
drwxrwx--- 3 bind bind    4096 jun  5 18:41 dns
-rw-r----- 1 bind bind     742 jun  5 18:41 dns.keytab
-rw-r--r-- 1 root root    2270 jun  5 18:41 dns_update_list
-rw------- 1 root root 1286144 jun  5 18:40 hklm.ldb
-rw------- 1 root root 1609728 jun  5 19:25 idmap.ldb
-rw-r--r-- 1 root root      91 jun  5 18:41 krb5.conf
srwxrwxrwx 1 root root       0 jun  5 20:33 ldapi
drwxr-x--- 2 root root    4096 jun  5 20:33 ldap_priv
-rw-r--r-- 1 root bind     555 jun  5 19:22 named.conf
-rw-r--r-- 1 root root     555 jun  5 19:21 named.conf~
-r--r--r-- 1 root root     220 jun  5 18:52 named.conf.update
-rw-r--r-- 1 root root    2212 jun  5 18:41 named.txt
-rw------- 1 root root 1286144 jun  5 18:40 privilege.ldb
-rw------- 1 root root     696 jun  5 18:52 randseed.tdb
-rw------- 1 root root 4251648 jun  5 18:41 sam.ldb
drwxr-x--- 2 root bind    4096 jun  5 18:41 sam.ldb.d
-rw------- 1 root root     696 jun  5 20:32 schannel_store.tdb
-rw------- 1 root bind    1082 jun  5 18:41 secrets.keytab
-rw------- 1 root root 1286144 jun  5 18:41 secrets.ldb
-rw------- 1 root root  430080 jun  5 20:33 secrets.tdb
-rw------- 1 root root 1286144 jun  5 18:40 share.ldb
drwxr-xr-x 3 root root    4096 jun  5 18:52 smbd.tmp
-rw-r--r-- 1 root root     955 jun  5 18:41 spn_update_list
drwx------ 2 root root    4096 jun  5 18:52 tls

Any ideas anyone?
Cheers,
Steve

Davor Vusir

2014-Jun-05 20:03 UTC

head link

[Samba] Ubuntu DC dns update failure

In my working ubuntu 14.04 and Samba 4.1.8 the configurations that differ
are:

/etc/hosts
127.0.0.1 palmera.altea.site palmera localhost localhost.localdomain
192.168.1.132 palmera.altea.site palmera

and that the [realm] part in /etc/krb5.conf is missing.

Regards
Davor
 Den 5 jun 2014 20:38 skrev "steve" <steve at steve-ss.com>:
> Hi
> Lubuntu 14.04 with bind9 and the samba 4.1.8 tarball
> All seems well. However, 2 errors:
>
> 1. upon starting samba:
> samba: setproctitle not initialized, please either call
> setproctitle_init() or link against libbsd-ctor.
>
> 2. samba_dnsupdate
> - error from samba:
> ../source4/dsdb/dns/dns_update.c:294: Failed DNS update -
> NT_STATUS_IO_TIMEOUT
>
> - error whilst running samba_dnsupdate:
> Looking for DNS entry SRV
> _gc._tcp.default-first-site-name._sites.altea.site palmera.altea.site
> 3268 as _gc._tcp.default-first-site-name._sites.altea.site.
> Checking 0 100 3268 palmera.altea.site. against SRV
> _gc._tcp.default-first-site-name._sites.altea.site palmera.altea.site
> 3268
> Traceback (most recent call last):
>   File "/usr/local/samba/sbin/samba_dnsupdate", line 510, in
<module>
>     get_credentials(lp)
>   File "/usr/local/samba/sbin/samba_dnsupdate", line 123, in
> get_credentials
>     raise e
> RuntimeError: kinit for PALMERA$@ALTEA.SITE failed (Cannot contact any
> KDC for requested realm)
>
> /etc/hosts
> 127.0.0.1 localhost
> 192.168.1.132 palmera.altea.site palmera
>
> /etc/resolv.conf
> nameserver 192.168.1.132
> search altea.site
>
> /etc/hostname
> palmera.altea.site
>
>  /etc/krb5.conf
> [libdefaults]
>         default_realm = ALTEA.SITE
>         dns_lookup_realm = false
>         dns_lookup_kdc = true
> [realms]
>   ALTEA.SITE = {
>   kdc = palmera.altea.site:88
>  }
>
> apparmor is not running
>
>
> hostname -d -s and -d all return correctly
> bind 9 loads the samba_dlz partitions OK
> all the dns checks in the howto pass OK
>
> It seems that it's failing getting a ticket using the machine key,
> however we can kinit using secrets.keytab fine.
>
> Here is private:
> drwxrwx--- 3 bind bind    4096 jun  5 18:41 dns
> -rw-r----- 1 bind bind     742 jun  5 18:41 dns.keytab
> -rw-r--r-- 1 root root    2270 jun  5 18:41 dns_update_list
> -rw------- 1 root root 1286144 jun  5 18:40 hklm.ldb
> -rw------- 1 root root 1609728 jun  5 19:25 idmap.ldb
> -rw-r--r-- 1 root root      91 jun  5 18:41 krb5.conf
> srwxrwxrwx 1 root root       0 jun  5 20:33 ldapi
> drwxr-x--- 2 root root    4096 jun  5 20:33 ldap_priv
> -rw-r--r-- 1 root bind     555 jun  5 19:22 named.conf
> -rw-r--r-- 1 root root     555 jun  5 19:21 named.conf~
> -r--r--r-- 1 root root     220 jun  5 18:52 named.conf.update
> -rw-r--r-- 1 root root    2212 jun  5 18:41 named.txt
> -rw------- 1 root root 1286144 jun  5 18:40 privilege.ldb
> -rw------- 1 root root     696 jun  5 18:52 randseed.tdb
> -rw------- 1 root root 4251648 jun  5 18:41 sam.ldb
> drwxr-x--- 2 root bind    4096 jun  5 18:41 sam.ldb.d
> -rw------- 1 root root     696 jun  5 20:32 schannel_store.tdb
> -rw------- 1 root bind    1082 jun  5 18:41 secrets.keytab
> -rw------- 1 root root 1286144 jun  5 18:41 secrets.ldb
> -rw------- 1 root root  430080 jun  5 20:33 secrets.tdb
> -rw------- 1 root root 1286144 jun  5 18:40 share.ldb
> drwxr-xr-x 3 root root    4096 jun  5 18:52 smbd.tmp
> -rw-r--r-- 1 root root     955 jun  5 18:41 spn_update_list
> drwx------ 2 root root    4096 jun  5 18:52 tls
>
> Any ideas anyone?
> Cheers,
> Steve
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

Possibly Parallel Threads

Search for more apparently analagous threads

samba - Jun 2014 - Ubuntu DC dns update failure

[Samba] Ubuntu DC dns update failure

[Samba] Ubuntu DC dns update failure

Possibly Parallel Threads