Samba seems to have provisioned OK, but kinit cannot find the realm and I
have some records missing that I don't know how to fix:
itadmin at dc01:~$ kinit administrator at INTERNAL.KCS
kinit: Cannot find KDC for realm "INTERNAL.KCS" while getting initial
credentials
itadmin at dc01:~$ host -t SRV _ldap._tcp.internal.kcs
Host _ldap._tcp.internal.kcs not found: 3(NXDOMAIN)
itadmin at dc01:~$ host -t SRV _kerberos._udp.internal.kcs
Host _kerberos._udp.internal.kcs not found: 3(NXDOMAIN)
itadmin at dc01:~$ host -t A dc01.internal.kcs
dc01.internal.kcs has address 192.168.4.5
Where do I start?
Here's the output from the provisioning:
sudo samba-tool domain provision --use-rfc2307 --realm=internal.kcs
--domain=internal --dns-backend=BIND9_DLZ
INFO 2020-09-03 14:10:26,825 pid:7623
/usr/lib/python3/dist-packages/samba/netcmd/domain.py #453: Administrator
password will be set randomly!
INFO 2020-09-03 14:10:26,834 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2128: Looking
up IPv4 addresses
INFO 2020-09-03 14:10:26,835 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2145: Looking
up IPv6 addresses
WARNING 2020-09-03 14:10:26,835 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2152: No IPv6
address will be assigned
INFO 2020-09-03 14:10:27,434 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2323: Setting
up secrets.ldb
INFO 2020-09-03 14:10:27,454 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2329: Setting
up the registry
INFO 2020-09-03 14:10:27,468 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2332: Setting
up the privileges database
INFO 2020-09-03 14:10:27,491 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2335: Setting
up idmap db
INFO 2020-09-03 14:10:27,508 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2342: Setting
up SAM db
INFO 2020-09-03 14:10:27,513 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #898: Setting up
sam.ldb partitions and settings
INFO 2020-09-03 14:10:27,513 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #910: Setting up
sam.ldb rootDSE
INFO 2020-09-03 14:10:27,517 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1339:
Pre-loading the Samba 4 and AD schema
Unable to determine the DomainSID, can not enforce uniqueness constraint on
local domainSIDs
INFO 2020-09-03 14:10:27,549 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1417: Adding
DomainDN: DC=internal,DC=kcs
INFO 2020-09-03 14:10:27,559 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1449: Adding
configuration container
INFO 2020-09-03 14:10:27,569 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1464: Setting
up sam.ldb schema
INFO 2020-09-03 14:10:30,793 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1482: Setting
up sam.ldb configuration data
INFO 2020-09-03 14:10:30,977 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1523: Setting
up display specifiers
INFO 2020-09-03 14:10:33,095 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1531: Modifying
display specifiers and extended righ ts
INFO 2020-09-03 14:10:33,139 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1538: Adding
users container
INFO 2020-09-03 14:10:33,141 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1544: Modifying
users container
INFO 2020-09-03 14:10:33,142 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1547: Adding
computers container
INFO 2020-09-03 14:10:33,143 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1553: Modifying
computers container
INFO 2020-09-03 14:10:33,144 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1557: Setting
up sam.ldb data
INFO 2020-09-03 14:10:33,313 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1587: Setting
up well known security principals
INFO 2020-09-03 14:10:33,360 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1601: Setting
up sam.ldb users and groups
INFO 2020-09-03 14:10:33,497 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #1609: Setting
up self join
Repacking database from v1 to v2 format (first record
CN=Query-Filter,CN=Schema,CN=Configuration,DC=internal,DC=kcs)
Repack: re-packed 10000 records so far
Repacking database from v1 to v2 format (first record
CN=siteLinkBridge-Display,CN=419,CN=DisplaySpecifiers,CN=Configuration,DC=internal,DC=kcs)
Repacking database from v1 to v2 format (first record
CN=6bcd568a-8314-11d6-977b-00c04f613221,CN=Operations,CN=DomainUpdates,CN=System,DC=internal,DC=kcs)
INFO 2020-09-03 14:10:35,188 pid:7623
/usr/lib/python3/dist-packages/samba/provision/sambadns.py #1138: Adding
DNS accounts
INFO 2020-09-03 14:10:35,216 pid:7623
/usr/lib/python3/dist-packages/samba/provision/sambadns.py #1172: Creating
CN=MicrosoftDNS,CN=System,DC=internalDC=kcs
INFO 2020-09-03 14:10:35,252 pid:7623
/usr/lib/python3/dist-packages/samba/provision/sambadns.py #1185: Creating
DomainDnsZones and ForestDnsZones partitions
INFO 2020-09-03 14:10:35,327 pid:7623
/usr/lib/python3/dist-packages/samba/provision/sambadns.py #1190:
Populating DomainDnsZones and ForestDnsZones partitions
Repacking database from v1 to v2 format (first record
DC=_gc._tcp.Default-First-Site-Name._sites,DC=internal.kcs,CN=MicrosoftDNS,DC=DomainDnsZones,DC=internal,DC=kcs)
Repacking database from v1 to v2 format (first record
DC=_kerberos._tcp.dc,DC=_msdcs.internal.kcs,CN=MicrosoftDNS,DC=ForestDnsZones,DC=internal,DC=kcs)
WARNING 2020-09-03 14:10:35,716 pid:7623
/usr/lib/python3/dist-packages/samba/provision/sambadns.py #986: BIND
version unknown, please modify /var/lib/samba/bind-dns/named.conf manually.
INFO 2020-09-03 14:10:35,718 pid:7623
/usr/lib/python3/dist-packages/samba/provision/sambadns.py #1271: See
/var/lib/samba/bind-dns/named.conf for an example configuration include
file for BIND
INFO 2020-09-03 14:10:35,719 pid:7623
/usr/lib/python3/dist-packages/samba/provision/sambadns.py #1273: and
/var/lib/samba/bind-dns/named.txt for further documentation required for
secure DNS updates
INFO 2020-09-03 14:10:35,882 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2032: Setting
up sam.ldb rootDSE marking as synchronized
INFO 2020-09-03 14:10:35,887 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2037: Fixing
provision GUIDs
INFO 2020-09-03 14:10:37,757 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2394: A
Kerberos configuration suitable for Samba AD has been generated at
/var/lib/samba/private/krb5.conf
INFO 2020-09-03 14:10:37,757 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2396: Merge the
contents of this file with your system krb5.conf or replace it with this
one. Do not create a symlink!
INFO 2020-09-03 14:10:37,842 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #2102: Setting
up fake yp server settings
INFO 2020-09-03 14:10:37,958 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #490: Once the
above files are installed, your Samba AD server will be ready to use
INFO 2020-09-03 14:10:37,959 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #494: Admin
password: Redacted
INFO 2020-09-03 14:10:37,959 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #495: Server
Role: active directory domain
controller
INFO 2020-09-03 14:10:37,959 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #496: Hostname:
dc01
INFO 2020-09-03 14:10:37,959 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #497: NetBIOS
Domain: INTERNAL
INFO 2020-09-03 14:10:37,959 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #498: DNS
Domain: internal.kcs
INFO 2020-09-03 14:10:37,960 pid:7623
/usr/lib/python3/dist-packages/samba/provision/__init__.py #499: DOMAIN
SID: S-1-5-21-94634235-315857
9462-1119390749
On Thu, Sep 3, 2020 at 1:07 PM Rowland penny <rpenny at samba.org> wrote:
> On 03/09/2020 20:57, Peter Pollock wrote:
> > Ubuntu 20.4 and whatever Samba it installs (sorry, I'm not in
front of
> > the server right now).
>
> 4.11. x if I remember correctly, so okay to start with, but can I
> introduce to Louis Van Belle's repo:
>
> http://apt.van-belle.nl/
>
> Once you get up and running, you can use the packages there to keep
> current.
>
> >
> > Bind 9.16 (although there is no AD DNS Zone file for that version of
> > Bind so I'm using the version 9.12 file (database "dlopen
> > /usr/local/samba/lib/bind9/dlz_bind9_12.so")
> Yes, that will work, I think we have a bug about that, so it will get
> fixed.
> >
> > The provision did not go well. I'm not sure why. I'm learning
though.
> > slowly but, well, slowly.
>
> What went wrong ? perhaps we can point you in the right direction.
>
> Rowland
>
>
>