Giacomo Gorgellino
2018-Nov-29 15:26 UTC
[Samba] samba_dnsupdate REFUSED between Samba4 AD DC and Win 2008r2
Il 29/11/2018 15:22, Rowland Penny via samba ha scritto:> On Thu, 29 Nov 2018 15:03:03 +0100 > "L.P.H. van Belle via samba" <samba at lists.samba.org> wrote: > >> You dns keytab looks strange, my be due to manual changes.. > It looks strange because there is one of these missing: > > 1 DNS/mysamba4dc.mydomain.com at MYDOMAIN.COM > > Could be cut & paste error.Double checked again. There are 9 entries. Keytab has been created after switching to BIND9_DLZ with 10 entries. Switching back to INTERNAL is deleting 1 entry. I've pasted here a dump from the Win DNS refusing the update: https://pastebin.com/s1bmcbQK G.
Rowland Penny
2018-Nov-29 16:01 UTC
[Samba] samba_dnsupdate REFUSED between Samba4 AD DC and Win 2008r2
On Thu, 29 Nov 2018 16:26:48 +0100 Giacomo Gorgellino via samba <samba at lists.samba.org> wrote:> > Il 29/11/2018 15:22, Rowland Penny via samba ha scritto: > > On Thu, 29 Nov 2018 15:03:03 +0100 > > "L.P.H. van Belle via samba" <samba at lists.samba.org> wrote: > > > >> You dns keytab looks strange, my be due to manual changes.. > > It looks strange because there is one of these missing: > > > > 1 DNS/mysamba4dc.mydomain.com at MYDOMAIN.COM > > > > Could be cut & paste error. > > Double checked again. There are 9 entries. > > Keytab has been created after switching to BIND9_DLZ with 10 entries. > > Switching back to INTERNAL is deleting 1 entry.Why is your Samba DC trying to update on the Windows DC, is your /etc/resolv.conf pointing to the Windows DC, if so, change it to point to its own IP. Rowland
Giacomo Gorgellino
2018-Nov-30 08:36 UTC
[Samba] samba_dnsupdate REFUSED between Samba4 AD DC and Win 2008r2
Il 29/11/2018 17:01, Rowland Penny via samba ha scritto:> > Why is your Samba DC trying to update on the Windows DC, is > your /etc/resolv.conf pointing to the Windows DC, if so, change it to > point to its own IP. >Ok, missed this: https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory#DNS_Configuration_on_Domain_Controllers [ RTFM :-) ] Now I'm getting: dns_tkey_negotiategss: TKEY is unacceptable Failed update of 1 entries I will recheck all the steps to accomplish "Joining a Samba DC to an Existing Active Directory". I will update you as soon as I arrive at a solution. For the moment, thank you all. G.
L.P.H. van Belle
2018-Nov-30 08:53 UTC
[Samba] samba_dnsupdate REFUSED between Samba4 AD DC and Win 2008r2
Moring Giacomo, Now it more easy, i hope you noticed this one. https://wiki.samba.org/index.php/Dns_tkey_negotiategss:_TKEY_is_unacceptable Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Giacomo Gorgellino via samba > Verzonden: vrijdag 30 november 2018 9:37 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] samba_dnsupdate REFUSED between Samba4 > AD DC and Win 2008r2 > > > Il 29/11/2018 17:01, Rowland Penny via samba ha scritto: > > > > Why is your Samba DC trying to update on the Windows DC, is > > your /etc/resolv.conf pointing to the Windows DC, if so, > change it to > > point to its own IP. > > > Ok, missed this: > https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Exis > ting_Active_Directory#DNS_Configuration_on_Domain_Controllers > > [ RTFM :-) ] > > Now I'm getting: > > dns_tkey_negotiategss: TKEY is unacceptable > Failed update of 1 entries > > I will recheck all the steps to accomplish "Joining a Samba DC to an > Existing Active Directory". > > I will update you as soon as I arrive at a solution. > For the moment, thank you all. > > G. > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Giacomo Gorgellino
2019-Jan-03 14:40 UTC
[Samba] samba_dnsupdate REFUSED between Samba4 AD DC and Win 2008r2
Il 29/11/2018 17:01, Rowland Penny via samba ha scritto:> On Thu, 29 Nov 2018 16:26:48 +0100 > Giacomo Gorgellino via samba <samba at lists.samba.org> wrote: > >> Il 29/11/2018 15:22, Rowland Penny via samba ha scritto: >>> On Thu, 29 Nov 2018 15:03:03 +0100 >>> "L.P.H. van Belle via samba" <samba at lists.samba.org> wrote: >>> >>>> You dns keytab looks strange, my be due to manual changes.. >>> It looks strange because there is one of these missing: >>> >>> 1 DNS/mysamba4dc.mydomain.com at MYDOMAIN.COM >>> >>> Could be cut & paste error. >> Double checked again. There are 9 entries. >> >> Keytab has been created after switching to BIND9_DLZ with 10 entries. >> >> Switching back to INTERNAL is deleting 1 entry. > Why is your Samba DC trying to update on the Windows DC, is > your /etc/resolv.conf pointing to the Windows DC, if so, change it to > point to its own IP. > > RowlandI've found this and it works: https://lists.samba.org/archive/samba/2015-August/193140.html Giacomo