Ashley
2019-Feb-14 22:50 UTC
[Samba] Migrating to Samba 4.9.4 AD, kinit administrator -> kinit: Cannot contact any KDC for realm...
On 2019/02/14 22:19, Rowland Penny via samba wrote:> On Thu, 14 Feb 2019 21:43:43 +0200 > Ashley via samba <samba at lists.samba.org> wrote: > >> On 2019/02/14 21:12, Rowland Penny via samba wrote: >>> On Thu, 14 Feb 2019 19:14:19 +0200 >>> Ashley via samba <samba at lists.samba.org> wrote: >>> >>>> Hi there >>>> >>>> I have migrated from an older version of Samba DC to Samba 4.9.4 >>>> AD. Running Centos 7. One server with everything on... (AD and >>>> file server) Bind 9.9.4 >>>> >>>> Built from source. >>>> Followed directions in the wiki. >>>> All seems to go fine, but when I startup samba-ad-dc it shows a few >>>> errors. ([kdc failed to setup interfaces]) >>>> The initial tests (in the directions in wiki) go fine until I get >>>> to "kinit administrator" and it >>>> just gives -> kinit: Cannot contact any KDC for realm >>>> 'BHUBFAB.DDNS.NET' while getting initial credentials >>>> >>>> ...has been 3 days now, eish. >>>> >>>> Smb.conf: >>>> >>>> # Global parameters >>>> [global] >>>> bind interfaces only = Yes >>>> interfaces = lo enp0s25 >>>> netbios name = SIMBA >>>> realm = BHUBFAB.DDNS.NET >>>> server role = active directory domain controller >>>> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, >>>> kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate >>>> workgroup = BHUBFAB >>>> idmap_ldb:use rfc2307 = yes >>>> >>>> [netlogon] >>>> path >>>> = /usr/local/samba/var/locks/sysvol/bhubfab.ddns.net/scripts read >>>> only = No >>>> >>>> [sysvol] >>>> path = /usr/local/samba/var/locks/sysvol >>>> read only = No >>>> >>>> >>>> krb5.conf: >>>> [libdefaults] >>>> default_realm = BHUBFAB.DDNS.NET >>>> dns_lookup_realm = false >>>> dns_lookup_kdc = true >>>> >>>> >>>> systemctl status -l samba-ad-dc : >>>> >>>> \u25cf samba-ad-dc.service - Samba Active Directory Domain >>>> Controller Loaded: loaded (/etc/systemd/system/samba-ad-dc.service; >>>> disabled; vendor preset: disabled) >>>> Active: active (running) since Thu 2019-02-14 18:49:26 SAST; >>>> 23min ago Process: 19134 ExecStart=/usr/local/samba/sbin/samba -D >>>> (code=exited, status=0/SUCCESS) >>>> Main PID: 19141 (samba) >>>> Tasks: 23 >>>> CGroup: /system.slice/samba-ad-dc.service >>>> \u251c\u250019141 /usr/local/samba/sbin/samba -D >>>> \u251c\u250019148 /usr/local/samba/sbin/samba -D >>>> \u251c\u250019149 /usr/local/samba/sbin/samba -D >>>> \u251c\u250019150 /usr/local/samba/sbin/samba -D >>>> \u251c\u250019151 /usr/local/samba/sbin/samba -D >>>> \u251c\u250019152 /usr/local/samba/sbin/smbd -D >>>> --option=server role check:inhibit=yes --foreground >>>> \u251c\u250019153 /usr/local/samba/sbin/samba -D >>>> \u251c\u250019154 /usr/local/samba/sbin/samba -D >>>> \u251c\u250019155 /usr/local/samba/sbin/samba -D >>>> \u251c\u250019156 /usr/local/samba/sbin/samba -D >>>> \u251c\u250019157 /usr/local/samba/sbin/samba -D >>>> \u251c\u250019158 /usr/local/samba/sbin/samba -D >>>> \u251c\u250019159 /usr/local/samba/sbin/samba -D >>>> \u251c\u250019160 /usr/local/samba/sbin/samba -D >>>> \u251c\u250019161 /usr/local/samba/sbin/samba -D >>>> \u251c\u250019162 /usr/local/samba/sbin/samba -D >>>> \u251c\u250019163 /usr/local/samba/sbin/winbindd -D >>>> --option=server role check:inhibit=yes --foreground >>>> \u251c\u250019174 /usr/local/samba/sbin/smbd -D >>>> --option=server role check:inhibit=yes --foreground >>>> \u251c\u250019175 /usr/local/samba/sbin/smbd -D >>>> --option=server role check:inhibit=yes --foreground >>>> \u251c\u250019176 /usr/local/samba/sbin/winbindd -D >>>> --option=server role check:inhibit=yes --foreground >>>> \u251c\u250019177 /usr/local/samba/sbin/smbd -D >>>> --option=server role check:inhibit=yes --foreground >>>> \u251c\u250019199 /usr/local/samba/sbin/winbindd -D >>>> --option=server role check:inhibit=yes --foreground >>>> \u2514\u250019203 /usr/local/samba/sbin/winbindd -D >>>> --option=server role check:inhibit=yes --foreground >>>> >>>> Feb 14 18:49:27 simba.bhubfab.ddns.net samba[19156]: [2019/02/14 >>>> 18:49:27.180408, 0] >>>> ../source4/smbd/service_task.c:36(task_server_terminate) >>>> Feb 14 18:49:27 simba.bhubfab.ddns.net samba[19156]: >>>> task_server_terminate: task_server_terminate: [kdc failed to setup >>>> interfaces] >>>> Feb 14 18:49:27 simba.bhubfab.ddns.net winbindd[19163]: [2019/02/14 >>>> 18:49:27.553317, 0] >>>> ../source3/winbindd/winbindd_cache.c:3160(initialize_winbindd_cache) >>>> Feb 14 18:49:27 simba.bhubfab.ddns.net winbindd[19163]: >>>> initialize_winbindd_cache: clearing cache and re-creating with >>>> version number 2 >>>> Feb 14 18:49:27 simba.bhubfab.ddns.net winbindd[19163]: [2019/02/14 >>>> 18:49:27.636798, 0] ../lib/util/become_daemon.c:138(daemon_ready) >>>> Feb 14 18:49:27 simba.bhubfab.ddns.net winbindd[19163]: >>>> daemon_ready: STATUS=daemon 'winbindd' finished starting up and >>>> ready to serve connections Feb 14 18:49:27 simba.bhubfab.ddns.net >>>> smbd[19152]: [2019/02/14 18:49:27.790989, >>>> 0] ../lib/util/become_daemon.c:138(daemon_ready) Feb 14 18:49:27 >>>> simba.bhubfab.ddns.net smbd[19152]: daemon_ready: STATUS=daemon >>>> 'smbd' finished starting up and ready to serve connections Feb 14 >>>> 18:49:34 simba.bhubfab.ddns.net samba[19154]: [2019/02/14 >>>> 18:49:34.418113, >>>> 0] ../source4/lib/tls/tlscert.c:170(tls_cert_generate) Feb 14 >>>> 18:49:34 simba.bhubfab.ddns.net samba[19154]: TLS self-signed >>>> keys generated OK >>>> >>>> >>>> >>>> Any pointers will be very much appreciated! >>>> Thank you in advance >>>> >>> Did you by any chance upgrade from Samba version 4.7.x (or earlier) >>> directly to 4.9.4 ? >>> If you did, start downgrading again, it doesn't work, you will have >>> to upgrade to to a 4.8.x version first. >>> >>> Rowland >> Rowland hi there >> Thank you for quick reply! >> Unfortunately I did not make a note of the previous version, but I >> think it was 4.8.3 >> >> I will try install 4.8.x from source, run the classicupgrade, and see >> if it works. >> >> Many Thanx >> Best Regards >> ashley >> >> > Ah, 'classicupgrade' ???? > > RowlandYes, classicupgrade. I have installed 4.8.9 from source. I get same error when starting up: samba_terminate: samba_terminate of samba 24484: kdc failed to setup interfaces -> samba_terminate: samba_terminate of samba 24484: kdc failed to setup interfaces Except now it doesn't run at all. # smbclient -L localhost -U% Connection to localhost failed (Error NT_STATUS_CONNECTION_REFUSED) # systemctl status -l samba-ad-dc \u25cf samba-ad-dc.service - Samba Active Directory Domain Controller Loaded: loaded (/etc/systemd/system/samba-ad-dc.service; disabled; vendor preset: disabled) Active: failed (Result: exit-code) since Fri 2019-02-15 00:16:29 SAST; 5min ago Process: 24477 ExecStart=/usr/local/samba/sbin/samba -D (code=exited, status=0/SUCCESS) Main PID: 24484 (code=exited, status=1/FAILURE) Feb 15 00:16:25 simba.bhubfab.ddns.net samba[24484]: samba_terminate: samba_terminate of samba 24484: kdc failed to setup interfaces Feb 15 00:16:25 simba.bhubfab.ddns.net systemd[1]: samba-ad-dc.service: main process exited, code=exited, status=1/FAILURE Feb 15 00:16:25 simba.bhubfab.ddns.net samba[24505]: [2019/02/15 00:16:25.446756, 0] ../source4/smbd/process_standard.c:81(sigterm_signal_handler) Feb 15 00:16:25 simba.bhubfab.ddns.net samba[24505]: sigterm_signal_handler: Exiting pid 24505 on SIGTERM Feb 15 00:16:28 simba.bhubfab.ddns.net samba[24497]: [2019/02/15 00:16:28.580378, 0] ../source4/lib/tls/tlscert.c:170(tls_cert_generate) Feb 15 00:16:28 simba.bhubfab.ddns.net samba[24497]: TLS self-signed keys generated OK Feb 15 00:16:29 simba.bhubfab.ddns.net samba[24497]: [2019/02/15 00:16:29.195719, 0] ../source4/smbd/process_standard.c:81(sigterm_signal_handler) Feb 15 00:16:29 simba.bhubfab.ddns.net samba[24497]: sigterm_signal_handler: Exiting pid 24497 on SIGTERM Feb 15 00:16:29 simba.bhubfab.ddns.net systemd[1]: Unit samba-ad-dc.service entered failed state. Feb 15 00:16:29 simba.bhubfab.ddns.net systemd[1]: samba-ad-dc.service failed. Many Thanx Best Regards ashley
Rowland Penny
2019-Feb-15 09:30 UTC
[Samba] Migrating to Samba 4.9.4 AD, kinit administrator -> kinit: Cannot contact any KDC for realm...
On Fri, 15 Feb 2019 00:50:13 +0200 Ashley via samba <samba at lists.samba.org> wrote:> > > Ah, 'classicupgrade' ???? > > > > Rowland > Yes, classicupgrade. > > I have installed 4.8.9 from source. > I get same error when starting up: samba_terminate: > samba_terminate of samba 24484: kdc failed to setup interfaces > -> samba_terminate: samba_terminate of samba 24484: kdc failed > to setup interfaces > > Except now it doesn't run at all. > # smbclient -L localhost -U% > Connection to localhost failed (Error NT_STATUS_CONNECTION_REFUSED) >This is more likely something else, what are you 'classicupgrading' from ? What is in the original smb.conf ? Are you doing this on the original PDC ? If not, is the ethernet device name correct ? Rowland
Ashley
2019-Feb-19 17:20 UTC
[Samba] Migrating to Samba 4.9.4 AD, kinit administrator -> kinit: Cannot contact any KDC for realm...
Roland hi there I believe you are right. Yes I'm sure something not configured correctly? The old smb.conf below... Untitled Document Many thanx Best regards Ashley On 2019/02/15 11:30, Rowland Penny via samba wrote:> On Fri, 15 Feb 2019 00:50:13 +0200 > Ashley via samba <samba at lists.samba.org> wrote: > >>> Ah, 'classicupgrade' ???? >>> >>> Rowland >> Yes, classicupgrade. >> >> I have installed 4.8.9 from source. >> I get same error when starting up: samba_terminate: >> samba_terminate of samba 24484: kdc failed to setup interfaces >> -> samba_terminate: samba_terminate of samba 24484: kdc failed >> to setup interfaces >> >> Except now it doesn't run at all. >> # smbclient -L localhost -U% >> Connection to localhost failed (Error NT_STATUS_CONNECTION_REFUSED) >> > This is more likely something else, what are you 'classicupgrading' > from ?I think it was 4.8.3 (The standard Centos 7 packages)> What is in the original smb.conf ?See below> Are you doing this on the original PDC ?Yes. All on the same box.> If not, is the ethernet device name correct ?I'm also running a virtual machine on this box. Could that influence?> Rowland >original smb.conf (excluding the shares): [global] workgroup = BHUBFAB server string = Server netbios name = SIMBA domain logons = Yes domain master = Yes # interfaces = lo enp0s25 br0 enp1s0 interfaces = lo enp0s25 hosts allow = 127., 192.168.192., 192.168.194., 192.168.190., 10.44.8., 10.44.9. follow symlinks = yes wide links = yes unix extensions = no ntlm auth = yes # this for workaround for recent Win 10 update prevents logon # log files split per-machine: log file = /var/log/samba/log.%m # maximum size of 50KB per log file, then rotate: max log size = 50 security = user passdb backend = tdbsam logon path logon drive = H: add user script = /usr/sbin/useradd "%u" -n -g users add group script = /usr/sbin/groupadd "%g" add machine script = /usr/sbin/useradd -n -c "Workstation (%u)" -M -d /nohome -s /bin/false "%u" delete user script = /usr/sbin/userdel "%u" delete user from group script = /usr/sbin/userdel "%u" "%g" delete group script = /usr/sbin/groupdel "%g" local master = yes os level = 255 preferred master = yes wins support = yes # name resolve order = wins lmhosts host dns bcast name resolve order = wins lmhosts host bcast admin users = ashley load printers = yes cups options = raw #============================ Share Definitions ======