thr3ads.net - samba - [Samba] dns_tkey_negotiategss: TKEY is unacceptable [Dec 2015]

If this information is useful, please help other people find it:
Share via:

Carlos A. P. Cunha

2015-Dec-30 19:57 UTC

[Samba] dns_tkey_negotiategss: TKEY is unacceptable

Hello!
Output of command

# 1 record
dn: 
CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=MYDOMAIN
cn: {31B2F340-016D-11D2-945F-00C04FB984F9}
name: {31B2F340-016D-11D2-945F-00C04FB984F9}

Referral #
ref: ldap: //interno.mastersonda.com.br/CN=Configuration,DC=MYDOMAIN
Referral #
ref: ldap: //interno.mastersonda.com.br/DC=DomainDnsZones,DC=MYDOMAIN
Referral #
ref: ldap: //interno.mastersonda.com.br/DC=ForestDnsZones,DC=MYDOMAIN
# Returned 4 records
# 1 entries
# 3 referrals


One important thing to previous email error edited the file in line 
where accuses the error

I came 
/opt/samba/lib/python2.7/site-packages/samba/provision/__init__.py +282

and commented the line (not sure if this and bad)

# names.policyid = str (res7 [0] ["cn"]). replace ("{",
""). replace
("}", "")

Thus the error entering --dns-backend samba_upgradedns = BIND9_DLZ or 
--dns-backend samba_upgradedns = SAMBA_INTERNAL sumio and the case is 
made that, however validei the DNS account is deleted but not recreated, 
and sometimes when trying to recreate Manually says


ERROR (ldb): Failed to add user 'dns-DC-Linux': - samldb: Account name 
(sAMAccountName) 'dns-DC-LINUX' already in use!

However the account does not exist in the User list.



Thanks

Em 30-12-2015 17:41, Rowland penny escreveu:> On 30/12/15 18:19, Carlos A. P. Cunha wrote:
>> Hello!
>> I've got this error
>> dns_tkey_negotiategss: TKEY is unacceptable
>>
>> when running samba_dnsupdate --verbose
>>
>> With this error dynamic entries stopped working as Type A machines 
>> that entered in the field or entry to a new DC.
>>
>> Already tried the step described here
>>
>>
https://wiki.samba.org/index.php/Dns_tkey_negotiategss:_TKEY_is_unacceptable
>>
>>
>> But when trying to delete the account used the same says that there 
>> is (and it really is not listed, create a manual account ok), but 
>> when running
>>
>> samba_upgradedns --dns-backend = BIND9_DLZ
>>
>> I got the error
>>
>> Reading domain information
>> Traceback (most recent call last):
>> File "/ opt / samba / sbin / samba_upgradedns", line 262, in
<module>
>> paths, lp.configfile, lp)
>> File 
>>
"/opt/samba/lib/python2.7/site-packages/samba/provision/__init__.py",
>> line 282, in find_provision_key_parameters
>> names.policyid = str (res7 [0] ["cn"]). replace
("{", ""). replace
>> ("}", "")
>> IndexError: list index out of range
>>
>> With more Debug
>>
>> [....]
>>
>> Module 'tombstone_reanimate' is disabled. Skip 
>> registration.lpcfg_servicenumber: could not find ldb
>> schema_fsmo_init: we are master [in] updates allowed [in]
>> lpcfg_servicenumber: could not find ldb
>> lpcfg_servicenumber: could not find ldb
>> lpcfg_servicenumber: could not find ldb
>> schema_fsmo_init: we are master [in] updates allowed [in]
>> Traceback (most recent call last):
>> File "/ opt / samba / sbin / samba_upgradedns", line 262, in
<module>
>> paths, lp.configfile, lp)
>> File 
>>
"/opt/samba/lib/python2.7/site-packages/samba/provision/__init__.py",
>> line 282, in find_provision_key_parameters
>> names.policyid = str (res7 [0] ["cn"]). replace
("{", ""). replace
>> ("}", "")
>> IndexError: list index out of range
>>
>>
>> Thanks
>>
>
> OK, try running this:
>
> ldbsearch -H /usr/local/samba/private/sam.ldb 
> '(cn={31B2F340-016D-11D2-945F-00C04FB984F9})' cn name
>
> What does it return?
>
> Rowland
>
>

Rowland penny

2015-Dec-30 20:38 UTC

head link

[Samba] dns_tkey_negotiategss: TKEY is unacceptable

On 30/12/15 19:57, Carlos A. P. Cunha wrote:> Hello!
> Output of command
>
> # 1 record
> dn: 
> CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=MYDOMAIN
> cn: {31B2F340-016D-11D2-945F-00C04FB984F9}
> name: {31B2F340-016D-11D2-945F-00C04FB984F9}
>
> Referral #
> ref: ldap: //interno.mastersonda.com.br/CN=Configuration,DC=MYDOMAIN
> Referral #
> ref: ldap: //interno.mastersonda.com.br/DC=DomainDnsZones,DC=MYDOMAIN
> Referral #
> ref: ldap: //interno.mastersonda.com.br/DC=ForestDnsZones,DC=MYDOMAIN
> # Returned 4 records
> # 1 entries
> # 3 referrals
>
>
> One important thing to previous email error edited the file in line 
> where accuses the error
>
> I came 
> /opt/samba/lib/python2.7/site-packages/samba/provision/__init__.py +282
>
> and commented the line (not sure if this and bad)
>
> # names.policyid = str (res7 [0] ["cn"]). replace ("{",
""). replace
> ("}", "")
>
> Thus the error entering --dns-backend samba_upgradedns = BIND9_DLZ or 
> --dns-backend samba_upgradedns = SAMBA_INTERNAL sumio and the case is 
> made that, however validei the DNS account is deleted but not 
> recreated, and sometimes when trying to recreate Manually says
>
>
> ERROR (ldb): Failed to add user 'dns-DC-Linux': - samldb: Account
name
> (sAMAccountName) 'dns-DC-LINUX' already in use!
>
> However the account does not exist in the User list.
>
>
>
> Thanks
>
>
Have you attempted to change the dns backend to the internal dns server, 
then change it back to the BIND_DLZ dns server, as the wiki page advises ?

Rowland

Carlos A. P. Cunha

2015-Dec-30 20:49 UTC

head link

[Samba] dns_tkey_negotiategss: TKEY is unacceptable

Hello! Yes already tried this, both he always says that the account 
already exists even if it does not exist, it affects only dicamicas 
entries, entries staticas work and replication as well, but as dynamic 
are troubled by instances in Multiple Sites will have problems ...


But some log or command that can help?

Thanks

Em 30-12-2015 18:38, Rowland penny escreveu:> On 30/12/15 19:57, Carlos A. P. Cunha wrote:
>> Hello!
>> Output of command
>>
>> # 1 record
>> dn: 
>>
CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=MYDOMAIN
>> cn: {31B2F340-016D-11D2-945F-00C04FB984F9}
>> name: {31B2F340-016D-11D2-945F-00C04FB984F9}
>>
>> Referral #
>> ref: ldap: //interno.mastersonda.com.br/CN=Configuration,DC=MYDOMAIN
>> Referral #
>> ref: ldap: //interno.mastersonda.com.br/DC=DomainDnsZones,DC=MYDOMAIN
>> Referral #
>> ref: ldap: //interno.mastersonda.com.br/DC=ForestDnsZones,DC=MYDOMAIN
>> # Returned 4 records
>> # 1 entries
>> # 3 referrals
>>
>>
>> One important thing to previous email error edited the file in line 
>> where accuses the error
>>
>> I came 
>> /opt/samba/lib/python2.7/site-packages/samba/provision/__init__.py +282
>>
>> and commented the line (not sure if this and bad)
>>
>> # names.policyid = str (res7 [0] ["cn"]). replace
("{", ""). replace
>> ("}", "")
>>
>> Thus the error entering --dns-backend samba_upgradedns = BIND9_DLZ or 
>> --dns-backend samba_upgradedns = SAMBA_INTERNAL sumio and the case is 
>> made that, however validei the DNS account is deleted but not 
>> recreated, and sometimes when trying to recreate Manually says
>>
>>
>> ERROR (ldb): Failed to add user 'dns-DC-Linux': - samldb:
Account
>> name (sAMAccountName) 'dns-DC-LINUX' already in use!
>>
>> However the account does not exist in the User list.
>>
>>
>>
>> Thanks
>>
>>
>
> Have you attempted to change the dns backend to the internal dns 
> server, then change it back to the BIND_DLZ dns server, as the wiki 
> page advises ?
>
> Rowland
>
>

Seemingly Similar Threads

Search for more possibly parallel threads

samba - Dec 2015 - dns_tkey_negotiategss: TKEY is unacceptable

[Samba] dns_tkey_negotiategss: TKEY is unacceptable

[Samba] dns_tkey_negotiategss: TKEY is unacceptable

[Samba] dns_tkey_negotiategss: TKEY is unacceptable

Seemingly Similar Threads