Julian Timm
2017-Jun-12 12:33 UTC
[Samba] Changing the IP Address of a Samba AD DC doesn't work - samba_dnsupdate crashes
Thanks for your reply Rowland!
1.
Here is my smb.conf
---
# Global parameters
[global]
interfaces = eth0
workgroup = MYDOMAIN
realm = mydomain.lan
netbios name = PDC
server string = PDC
server role = active directory domain controller
passdb backend = samba4
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl,
winbind, ntp_signd, kcc, dnsupdate
idmap_ldb:use rfc2307 = yes
# Kerberos Ticket Lifetime Einstellungen
kdc:service ticket lifetime = 24
kdc:user ticket lifetime = 24
kdc:renewal lifetime = 120
# Sonstige Optionen
hide files = /desktop.ini/ntuser.ini/NTUSER.*/Thumbs.db/$RECYCLE.BIN
reset on zero vc = yes
# Druckserver Optionen
load printers = yes
spoolss: architecture = Windows x64
rpc_server:spoolss = external
rpc_daemon:spoolssd = fork
# System-Freigaben
[netlogon]
path = /var/lib/samba/sysvol/mydomain.lan/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
# Benutzer-Freigaben, Programme und Daten
[Benutzer]
path = /volumes/HDD1/Benutzer
read only = No
oplocks = No
level2 oplocks = No
[Profile]
path = /volumes/HDD1/Profile
read only = No
oplocks = No
level2 oplocks = No
[Programme]
path = /volumes/HDD1/Programme
read only = No
ks = No
[Datenaustausch]
path = /volumes/HDD1/Datenaustausch
read only = No
[Install]
path = /volumes/HDD1/Install
read only = No
;; map = Z: () (Domain Admins) ()
# Drucker-Freigaben
[printers]
comment = All Printers
path = /var/spool/samba
browseable = Yes
read only = No
printable = Yes
printing = CUPS
[print$]
comment = Point and Print Printer Drivers
path = /var/lib/samba/printers
writeable = yes
---
1. I mean: Old IP: 192.168.18.201 - New IP: 192.168.68.201 (i did just copy and
paste and forget to change the ip)
2. I see that "ks" is a typo in my smb.conf! It should be
"oplocks = no"! I'will change that!
3. Yes this is a domain with only one DC
4. At the moment i've no time to update the server to a newer Ubuntu/Samba
version, so i hope we can get this work with Ubuntu 14.04.5
> Gesendet: Montag, 12. Juni 2017 um 13:12 Uhr
> Von: "Rowland Penny via samba" <samba at lists.samba.org>
> An: samba at lists.samba.org
> Betreff: Re: [Samba] Changing the IP Address of a Samba AD DC doesn't
work - samba_dnsupdate crashes
>
> On Mon, 12 Jun 2017 12:32:34 +0200
> Julian Timm via samba <samba at lists.samba.org> wrote:
>
> > Hello!
> >
> > I've followed your tutorial to change the IP Address of our Samba
AD
> > DC:
> >
https://wiki.samba.org/index.php/Changing_the_IP_Address_of_a_Samba_AD_DC
> >
> > But the samba_dnsupdate tool always crashes with this output:
> >
> > samba_dnsupdate --verbose
> > Unknown parameter encountered: "ks"
> > Ignoring unknown parameter "ks"
> > IPs: ['192.168.68.201']
>
> Can you post your smb.conf, this way we can see what 'ks' is and if
it
> is part of your problem.
>
> > Looking for DNS entry A mydomain.lan 192.168.68.201 as mydomain.lan.
> > Failed to find matching DNS entry A mydomain.lan 192.168.68.201
> > Looking for DNS entry A PDC.mydomain.lan 192.168.68.201 as
> > PDC.mydomain.lan. Failed to find matching DNS entry A
> > PDC.mydomain.lan 192.168.68.201 Looking for DNS entry A
> > gc._msdcs.mydomain.lan 192.168.68.201 as gc._msdcs.mydomain.lan.
> > Failed to find matching DNS entry A gc._msdcs.mydomain.lan
> > 192.168.68.201
> > as PDC.mydomain.lan. Looking for DNS entry A gc._msdcs.mydomain.lan
> > 192.168.18.201 as gc._msdcs.mydomain.lan. Traceback (most recent call
> > last): File "/usr/sbin/samba_dnsupdate", line 621, in
<module>
> > get_credentials(lp) File "/usr/sbin/samba_dnsupdate", line
125, in
> > get_credentials raise e RuntimeError: kinit for PDC$@mydomain.LAN
> > failed (Cannot contact any KDC for requested realm)
> >
> > -> Old IP: 192.168.18.201
> > -> New IP: 192.168.18.201
>
> Those IPs match
>
> >
> > Kinit failed because it still uses the old address.
> >
> > We are using Ubuntu 14.04.5 with Samba 4.3.11.
> >
>
> Is this a domain with only one DC ?
>
> Is there any way you can upgrade Samba ?
>
> Rowland
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
Rowland Penny
2017-Jun-12 12:53 UTC
[Samba] Changing the IP Address of a Samba AD DC doesn't work - samba_dnsupdate crashes
On Mon, 12 Jun 2017 14:33:59 +0200 Julian Timm via samba <samba at lists.samba.org> wrote:> Thanks for your reply Rowland! >> > 1. I mean: Old IP: 192.168.18.201 - New IP: 192.168.68.201 (i did > just copy and paste and forget to change the ip)OK> > 2. I see that "ks" is a typo in my smb.conf! It should be "oplocks > no"! I'will change that!Try running 'samba-tool testparm' and fix any errors it flags up.> > 3. Yes this is a domain with only one DC > > 4. At the moment i've no time to update the server to a newer > Ubuntu/Samba version, so i hope we can get this work with Ubuntu > 14.04.5 >Pity really, there is a known problem with samba_dnsupdate, the problem is, it doesn't always work ;-) The latest version has a new option '--use-samba-tool' and this does seem to work. Rowland
Mike Brown
2017-Jun-12 13:19 UTC
[Samba] Changing the IP Address of a Samba AD DC doesn't work - samba_dnsupdate crashes
On Mon, Jun 12, 2017 at 01:53:40PM +0100, Rowland Penny via samba wrote:> Try running 'samba-tool testparm' and fix any errors it flags up.Is "samba-tool' a ubuntu Samba thing? With Fedora Samba versions 3.5 and 4.5, it does not exist. The 'testparm' most certainly does and I agree with using it. I just recently set up my new Fedora 25 box and used it after putting my F14 smb.conf entries into the F25 smb.conf file. MB -- e-mail: vidiot at vidiot.com | vidiot at vidiot.net /~\ The ASCII 6082066843 at email.uscc.net (140 char limit) \ / Ribbon Campaign Visit - URL: http://vidiot.com/ X Against http://vidiot.net/ / \ HTML Email "You're Sherlock Holmes, wear the damn hat!" - Watson to Sherlock Sherlock - The Abominable Bride - 1/01/16