search for: krbcc

...or the previous problem (inaccessible /etc/dhcp/ dir), then at line 47 show an mistaken error message "Required keytab /etc/dhcpduser.keytab not found," Solution 2: I have move dhcpduser.keytab file to /etc/samba and modify the script (see attachment). Problem 3: For strange reason the krbcc ticket cache /tmp/dhcp-dyndns.cc is not readable from dhcpd user, have owner root:root and 600 access. Solution 3: I have add into shell a specific error message and manually remove it Problem 4: The new ticket cache is not generate because user dhcpd cannot execute kinit: > # su - dhcpd -s /...

....sh.old 2017-04-26 11:06:30.930347314 +0200 +++ /etc/samba/bin/dhcp-dyndns.sh 2017-04-26 11:45:16.072373036 +0200 @@ -1,6 +1,6 @@ #!/bin/bash -# /etc/bin/dhcp-dyndns.sh +# /etc/samba/bin/dhcp-dyndns.sh # This script is for secure DDNS updates on Samba 4 # Version: 0.8.8 @@ -24,6 +24,12 @@ # krbcc ticket cache export KRB5CCNAME="/tmp/dhcp-dyndns.cc" +if [ -f "$KRB5CCNAME" -a ! -r "$KRB5CCNAME" ] +then + echo "File krbcc ticket cache $KRB5CCNAME is not readable. Remove it with 'rm -f $KRB5CCNAME'" + exit 1 +fi + # Kerberos principal S...

On Thu, 3 Sep 2015, Rowland Penny wrote: > What are the permissions on /var/lib/samba/private/dns ? Also don't forget the permissions on /var/lib/samba/private If you're using sernet's packages, you'll have to chgrp it to to named or give it o+x perms.

...; # DNS nameserver > ns=127.0.0.1 > # > ## Do not change anything below here > # Kerberos principal > SETPRINCIPAL=$SETDHCPUSER@$SETREALM > # Kerberos keytab > SETDHCPKEYTAB=/etc/$SETDHCPUSER.keytab > # Default DNS resource records TTL > RRTTL="3600" > > # krbcc ticket cache > export KRB5CCNAME="/tmp/dhcp-dyndns.cc" > > ## Command locations, with full paths it speeds up processing. > ## ( tested on Ubuntu 14.04, Debian 7.5 ) > CMDSORT="$(which sort)" > CMDAWK="$(which awk)" > CMDHEAD="$(which head)&qu...

....g. "-d" for debug #NSUPDFLAGS="-d" # DNS nameserver ns=127.0.0.1 # ## Do not change anything below here # Kerberos principal SETPRINCIPAL=$SETDHCPUSER@$SETREALM # Kerberos keytab SETDHCPKEYTAB=/etc/$SETDHCPUSER.keytab # Default DNS resource records TTL RRTTL="3600" # krbcc ticket cache export KRB5CCNAME="/tmp/dhcp-dyndns.cc" ## Command locations, with full paths it speeds up processing. ## ( tested on Ubuntu 14.04, Debian 7.5 ) CMDSORT="$(which sort)" CMDAWK="$(which awk)" CMDHEAD="$(which head)" CMDECHO="$(which echo)&qu...

..., ""); } ===================================   CURRENT DHCP-DYNDNS.SH   /usr/local/bin/dhcp-dyndns.sh =================================== #!/bin/bash # /usr/local/bin/dhcp-dyndns.sh # Additional nsupdate flags (-g already applied), e.g. "-d" for debug NSUPDFLAGS="-d" # krbcc ticket cache export KRB5CCNAME="/tmp/dhcp-dyndns.cc" # Variables supplied by dhcpd.conf action=$1 ip=$2 DHCID=$3 name=${4%%.*} # Check for valid kerberos ticket _KERBEROS () { klist -c /tmp/dhcp-dyndns.cc -s if [ "$?" != "0" ]; then     kinit -F -k -t /etc/dhcpduser....

Hey Rowland, Below is a cutdown version of my DHCP. As you can see, I haven't really set anything up for ddns-update. While using Samba4's internal DNS I had the setting 'ddns-update-style interim;' and it seemed to have worked fine. But with bind I'm not sure what else is needed. Thanks for taking a look at it. Philip # # DHCP Server Configuration file. # see

...;> # >> ## Do not change anything below here >> # Kerberos principal >> SETPRINCIPAL=$SETDHCPUSER@$SETREALM >> # Kerberos keytab >> SETDHCPKEYTAB=/etc/$SETDHCPUSER.keytab >> # Default DNS resource records TTL >> RRTTL="3600" >> >> # krbcc ticket cache >> export KRB5CCNAME="/tmp/dhcp-dyndns.cc" >> >> ## Command locations, with full paths it speeds up processing. >> ## ( tested on Ubuntu 14.04, Debian 7.5 ) >> CMDSORT="$(which sort)" >> CMDAWK="$(which awk)" >> CM...

...e anything below here >>> # Kerberos principal >>> SETPRINCIPAL=$SETDHCPUSER@$SETREALM >>> # Kerberos keytab >>> SETDHCPKEYTAB=/etc/$SETDHCPUSER.keytab >>> # Default DNS resource records TTL >>> RRTTL="3600" >>> >>> # krbcc ticket cache >>> export KRB5CCNAME="/tmp/dhcp-dyndns.cc" >>> >>> ## Command locations, with full paths it speeds up processing. >>> ## ( tested on Ubuntu 14.04, Debian 7.5 ) >>> CMDSORT="$(which sort)" >>> CMDAWK="$(whic...

Il giorno mar, 25/04/2017 alle 13.26 +0100, Rowland Penny via samba ha scritto: > On Tue, 25 Apr 2017 14:07:05 +0200 > Dario Lesca via samba <samba at lists.samba.org> wrote: > > > I have setup a new Samba Active Directory DC on Fedora 25 and > > samba- > > 4.5.8-1.fc25.x86_64, rebuild from src.rpm with dc option enable. > > > > This system