My /etc/nsswitch.conf contains: hosts: files dns if thats what you mean? All my hosts in my test lab are clean installs of Ubuntu with very little else touched other than the stuff needed for testing kerberos and samba. And sorry for top posting if thats a problem on this list Kevin Ratcliffe Sent from [ProtonMail](https://protonmail.ch) -------- Original Message -------- Subject: Re: [Samba] smbclient and Kerberos Local Time: 4 November 2016 9:26 PM UTC Time: 4 November 2016 21:26 From: samba at lists.samba.org To: samba at lists.samba.org On Fri, 04 Nov 2016 17:19:03 -0400 Kevr via samba <samba at lists.samba.org> wrote:> I'm finding this a little odd as kinit seems to find the kdc okay, > just smbclient fails. > > host -t srv _kerberos._udp.lan resolves okay too. Could it be that my > realm is simply LAN and dns suffix is lan be an issue? This is just a > test set up in virtual box for a writeup I'm doing, hence the > nonstandard suffixes. > > > > Kevin Ratcliffe >Is avahi running ? or is Network Manager using dnsmasq ? Rowland -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
On Fri, 04 Nov 2016 17:56:09 -0400 Kevr <kevr at protonmail.com> wrote:> My /etc/nsswitch.conf contains: > > hosts: files dns > > if thats what you mean? All my hosts in my test lab are clean > installs of Ubuntu with very little else touched other than the stuff > needed for testing kerberos and samba. >No, try running this on your linux clients and DCs: ps ax | grep [a]vahi If you get any output, then avahi is running and could be getting in the way, if it is running, try stopping it. If you are using Network Manager, then this uses dnsmasq, open its conf file, find the dnsmasq line and comment it out. Check that the nameserver in /etc/resolv.conf is the DCs ipaddress. Rowland
I uninstalled avahi-daemon and disabled dnsmasq in NetworkManager.conf, restarted and still the same. THe nameserver in /etc/resolv.conf is now my nameserver(not using a DC, running apacheds ldap/kerberos combo and bind) and not 127.0.1.1 And please guys don't spend too much time on this. I am fine with accepting the fact that smbclient does honour the dns kdc lookup. Its more likely a quirk with my lab set up and I can alter my documentation accordingly. Thank you Rowland, Mike for your time. If ever you are in Salford UK, the beers are on me. Kevin Ratcliffe Sent from [ProtonMail](https://protonmail.ch) -------- Original Message -------- Subject: Re: [Samba] smbclient and Kerberos Local Time: 4 November 2016 10:03 PM UTC Time: 4 November 2016 22:03 From: samba at lists.samba.org To: samba at lists.samba.org <samba at lists.samba.org> On Fri, 04 Nov 2016 17:56:09 -0400 Kevr <kevr at protonmail.com> wrote:> My /etc/nsswitch.conf contains: > > hosts: files dns > > if thats what you mean? All my hosts in my test lab are clean > installs of Ubuntu with very little else touched other than the stuff > needed for testing kerberos and samba. >No, try running this on your linux clients and DCs: ps ax | grep [a]vahi If you get any output, then avahi is running and could be getting in the way, if it is running, try stopping it. If you are using Network Manager, then this uses dnsmasq, open its conf file, find the dnsmasq line and comment it out. Check that the nameserver in /etc/resolv.conf is the DCs ipaddress. Rowland -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba