On 2/6/2021 1:51 PM, Rowland penny via samba wrote:> On 06/02/2021 20:43, Dan Egli wrote:
>> I tried the -k, and no go. If I just put -k at the end it says -k
>> needs a paramater. Looking in the man page it says -k KERBEROS, so I
>> did, and now samba-tool says "samba-tool dns zonecreate: error:
>> invalid -k option value: KERBEROS"
>>
>> I am completely unfamiliar with Kerberos, so if this is a stupid
>> mistake, forgive me.
>
>
> No, it is not a stupid question, for 'KERBEROS' read
'no|yes|auto', so
> to use kerberos with your command you need a ticket (which will be
> 'krb5cc_0' in /tmp) and to add '-k yes' to the command.
>
> Rowland
>
Well, I tried with -k yes and still not working:
#? samba-tool dns zonecreate janus.eglifamily.name
10.168.192.in-addr.arpa -k yes
Failed to bind to uuid 50abc2a4-574d-40b3-9d66-ee4fd5fba076 for
ncacn_ip_tcp:2600:100e:b1df:d0d3:20c:29ff:fed0:8fed[49153,sign,target_hostname=janus.eglifamily.name,abstract_syntax=50abc2a4-574d-40b3-9d66-ee4fd5fba076/0x00000005,localaddress=2600:100e:b1df:d0d3:20c:29ff:fed0:8fed]
NT_STATUS_UNSUCCESSFUL
ERROR: Connecting to DNS RPC server janus.eglifamily.name failed with
(3221225473, '{Operation Failed} The requested operation was
unsuccessful.')
# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: Administrator at EGLIFAMILY.NAME
Valid starting???? Expires??????????? Service principal
02/06/21 13:12:17? 02/06/21 23:12:17 krbtgt/EGLIFAMILY.NAME at EGLIFAMILY.NAME
??????? renew until 02/07/21 13:12:10
02/06/21 15:25:06? 02/06/21 23:12:17
host/JANUS.EGLIFAMILY.NAME at EGLIFAMILY.NAME
I'm open to the next suggestion.