Jakub Kulesza
2017-Apr-23 11:37 UTC
[Samba] kerberos got crazy after ubuntu upgrade from 14.04 to 16.04
Rowland, thanks for answering 2017-04-23 12:21 GMT+02:00 Rowland Penny <rpenny at samba.org>:> On Sun, 23 Apr 2017 11:40:45 +0200 > Jakub Kulesza <jakkul+samba at gmail.com> wrote: > > > OK, I've deleted everything what Rowland suggested. THANKS > > > > Now smb.conf looks like this > > > > [netlogon] > > path = /var/local/samba/var/lib/samba/netlogon > > #path = /var/lib/samba/sysvol/biuro.domain/scripts > > Put netlogon back into sysvol and what happened to the 'sysvol' share ? > >they are still there, I did not post the shares :)> > You do not test a DC like that, did you actually join the Samba AD DC > with samba-tool ? >this was working before upgrade so I did not join AD DC using samba-tool again. If everything else fails I will do it, but: # samba-tool domain info pdc Forest : biuro.gpm-vindexus.pl Domain : biuro.gpm-vindexus.pl Netbios domain : GPMV DC name : pdc.biuro.gpm-vindexus.pl DC netbios name : PDC Server site : Default-First-Site-Name Client site : Default-First-Site-Name (pdc is the dns name of the server)
Rowland Penny
2017-Apr-23 11:50 UTC
[Samba] kerberos got crazy after ubuntu upgrade from 14.04 to 16.04
On Sun, 23 Apr 2017 13:37:25 +0200 Jakub Kulesza <jakkul+samba at gmail.com> wrote:> Rowland, thanks for answering > > > You do not test a DC like that, did you actually join the Samba AD > > DC with samba-tool ? > > > > this was working before upgrade so I did not join AD DC using > samba-tool again. If everything else fails I will do it, but:No, I meant originally, do not run the join command again.> > # samba-tool domain info pdc > Forest : biuro.gpm-vindexus.pl > Domain : biuro.gpm-vindexus.pl > Netbios domain : GPMV > DC name : pdc.biuro.gpm-vindexus.pl > DC netbios name : PDC > Server site : Default-First-Site-Name > Client site : Default-First-Site-Name > > (pdc is the dns name of the server)OK, but calling an AD DC 'PDC' is (in my opinion) a bad idea, but you will now have to put up with it ;-) A 'PDC' is a totally different thing from an 'AD DC' and as such, can cause confusion. You have also posted that you are running a kerberos server on your DC, you should stop this, the AD DC is also running one. Rowland
Jakub Kulesza
2017-Apr-23 11:54 UTC
[Samba] kerberos got crazy after ubuntu upgrade from 14.04 to 16.04
I did stop it. And everything went back to life. I wonder why it did work this way on 14.04... 37 years on the clock and life still surprises me :) Thanks guys, issue looks solved. If anyone's in Warsaw/PL, beer's on me. 2017-04-23 13:50 GMT+02:00 Rowland Penny <rpenny at samba.org>:> On Sun, 23 Apr 2017 13:37:25 +0200 > Jakub Kulesza <jakkul+samba at gmail.com> wrote: > > > Rowland, thanks for answering > > > > > You do not test a DC like that, did you actually join the Samba AD > > > DC with samba-tool ? > > > > > > > this was working before upgrade so I did not join AD DC using > > samba-tool again. If everything else fails I will do it, but: > > No, I meant originally, do not run the join command again. > > > > > # samba-tool domain info pdc > > Forest : biuro.gpm-vindexus.pl > > Domain : biuro.gpm-vindexus.pl > > Netbios domain : GPMV > > DC name : pdc.biuro.gpm-vindexus.pl > > DC netbios name : PDC > > Server site : Default-First-Site-Name > > Client site : Default-First-Site-Name > > > > (pdc is the dns name of the server) > > OK, but calling an AD DC 'PDC' is (in my opinion) a bad idea, but you > will now have to put up with it ;-) > > A 'PDC' is a totally different thing from an 'AD DC' and as such, can > cause confusion. > > You have also posted that you are running a kerberos server on your DC, > you should stop this, the AD DC is also running one. > > Rowland > >