Rowland Penny
2017-Dec-04 21:07 UTC
[Samba] Samba 4.7.2 + bind on Fedora 27: samba_dlz: spnego update failed
On Mon, 04 Dec 2017 21:42:21 +0100 Dario Lesca via samba <samba at lists.samba.org> wrote:> Il giorno lun, 04/12/2017 alle 16.02 +0000, Rowland Penny via samba ha > scritto: > > The significant word there is 'replay'. > > > > see here: > > > > https://lists.samba.org/archive/samba/2017-November/211990.html > > > > > > Thank Rowland, this tread > https://lists.samba.org/archive/samba/2017-November/thread.html#212035 > is very usefull. > > Then my problem is a bug already filled: > https://bugzilla.samba.org/show_bug.cgi?id=13066 > > I must only ignore this error, wait for a patch and follow the Andreas > suggest: > > > > But what would be the right way to test DNS updates in this > > scenario? > > > > Use a joined workstation and run 'net ads dns register'? Or you > > disable the replay cache on the server side ... > > Question: howto I can "disable the replay cache" ? > > Thanks >First and foremost, I do not use MIT kerberos, so I am not sure if this will work, but I found this webpage: https://web.mit.edu/kerberos/krb5-1.12/doc/basic/rcache_def.html Where it says that if you set the enviromental variable KRB5RCACHETYPE to 'none' it will not be used i.e. 'export KRB5RCACHETYPE=none' Rowland
Dario Lesca
2017-Dec-24 17:37 UTC
[Samba] [solved] Samba 4.7.2 + bind on Fedora 27: samba_dlz: spnego update failed
Il giorno lun, 04/12/2017 alle 21.07 +0000, Rowland Penny via samba ha scritto:> Where it says that if you set the enviromental variable > KRB5RCACHETYPE to 'none' it will not be used i.e. 'export > KRB5RCACHETYPE=none'Today (finally!) I have try this: # echo 'KRB5RCACHETYPE="none"' >> /etc/sysconfig/named # systemctl restart named # samba_dnsupdate --all-names --fail-immediately And all work fine Also the dhcp client hostname update now work fine. Now the "samba_dlz: spnego update failed" is gone Than all work fine. Thanks> > Rowland-- Dario Lesca (inviato dal mio Linux Fedora 27 Workstation)
Rowland Penny
2017-Dec-24 18:48 UTC
[Samba] [solved] Samba 4.7.2 + bind on Fedora 27: samba_dlz: spnego update failed
On Sun, 24 Dec 2017 18:37:06 +0100 Dario Lesca via samba <samba at lists.samba.org> wrote:> Il giorno lun, 04/12/2017 alle 21.07 +0000, Rowland Penny via samba ha > scritto: > > Where it says that if you set the enviromental variable > > KRB5RCACHETYPE to 'none' it will not be used i.e. 'export > > KRB5RCACHETYPE=none' > > Today (finally!) I have try this: > > # echo 'KRB5RCACHETYPE="none"' >> /etc/sysconfig/named > # systemctl restart named > # samba_dnsupdate --all-names --fail-immediately > > And all work fine > > Also the dhcp client hostname update now work fine. > > Now the "samba_dlz: spnego update failed" is gone > > Than all work fine. > > Thanks > > > > > RowlandAH, I also bet you have the word 'replay' in your logs with reference to the named updates, MIT kerberos doesn't allow these and Samba dns depends on them. Should have thought about it, but it only happens on red-hat distros and I don't use red-hat distros ;-) Rowland