similar to: bug in join samba DC ( debian package )

Hi, i try to migrate an existing W2k3 AD to Samba4 with bind. Everything works fine, but dnsupdate fails with error: "dns_tkey_negotiategss: TKEY is unaccepteable". I found a lot of discussions around this topic, but no solution. Envirenment: OS: SLES11 SP3 with bind 9.9.3P2 Samba Packages from Servet: sernet-samba-4.0.9-5.suse111 I checked the following Points: After joining the

Dear all, after succesfull joining my new samba 4 DC to the domain. There is an error on using, samba_dnsupdate --verbose --all-names On the new joined dc: dns_tkey_negotiategss: TKEY is unacceptable Failed nsupdate: 1 How can I fix it!? Dnsupdate on the Master is running well. [root at s4slave etc]# samba_dnsupdate --verbose --all-names IPs: ['192.168.135.253'] Skipping PDC entry (SRV

Hi, samba_dnsupdate --verbose --all-names IPs: ['192.168.1.20'] force update: A samba4-dc1.empresa.com.br 192.168.1.20 force update: NS empresa.com.br samba4-dc1.empresa.com.br force update: NS _msdcs.empresa.com.br samba4-dc1.empresa.com.br force update: A empresa.com.br 192.168.1.20 force update: SRV _ldap._tcp.empresa.com.br samba4-dc1.empresa.com.br 389 force update: SRV

Hello, we have the following problem with a ADDC Sernet 4.7.6-11 on CentOS 7.4. We have two DCs, replication is working fine. We use bind9 as dns-backend. When we do a "samba_dnsupdate --all-names" we get the following messages: ------------------- [root at dc1 ~]# samba_dnsupdate --all-names dns_tkey_negotiategss: TKEY is unacceptable dns_tkey_negotiategss: TKEY is unacceptable

On Wed, 2 May 2018 13:54:01 +0200 Stefan Kania via samba <samba at lists.samba.org> wrote: > Hello, > we have the following problem with a ADDC Sernet 4.7.6-11 on CentOS > 7.4. We have two DCs, replication is working fine. We use bind9 as > dns-backend. When we do a "samba_dnsupdate --all-names" we get the > following messages: > ------------------- > [root at

Hello I tried on two vms on my vmware Workstation to use samba as DC. I want use BIND for dns system. To join the Domain had worked successfully after I recompiled the bind. It seems the zone are the same but Samba isn't in the ns-record. If I run dcpromo.exe I get this error message: This Active Directory DC is the last dns-server for the AD-zones. If I remove the DC the dns-names

is the time in sync on your servers ? >-----Oorspronkelijk bericht----- >Van: samba [mailto:samba-bounces at lists.samba.org] Namens Roel van Meer >Verzonden: donderdag 6 augustus 2015 9:28 >Aan: samba at lists.samba.org >Onderwerp: Re: [Samba] 2nd DC, internal DNS: >dns_tkey_negotiategss: TKEY is unacceptable > >L.P.H. van Belle writes: > >> check the rights

On 06/08/15 09:08, Roel van Meer wrote: > L.P.H. van Belle writes: > >> is the time in sync on your servers ? > > Yes it is. > > I managed to make it work by specifying the primary DC as nameserver > in /etc/resolv.conf of the secondary DC. As soon as I do that, > samba_dnsupdate works on the secondary. When I change it back to use > the local Samba as resolver,

Many (many) hours later, I'm finally throwing in the towel and seeking help. I have read everything I can find on the internet to no avail to get past my issues. I have to say, I'm very disappointed in the general quality and fragmentation of information on this topic. Samba isn't a turn-key solution as an AD by any stretch of the imagination. I've run the gamut so far with

check the rights on : /var/lib/samba/private/dns.keytab 640 root:bind /var/lib/samba/private/dns 750 root:bind /var/lib/samba/private/sam.ldb.d 750 root:bind Greetz, Louis >-----Oorspronkelijk bericht----- >Van: samba [mailto:samba-bounces at lists.samba.org] Namens Roel van Meer >Verzonden: donderdag 6 augustus 2015 8:55 >Aan: samba at lists.samba.org >Onderwerp: [Samba] 2nd

hello, we've just upgraded from samba 3.6.6 to samba 4.3.0. We are using INTERNAL as dns backend. We have 1 domain and 6 DCs on 5 different sites. Replication between DCs is ok as we can see with "samba-tool drs showrepl". We configured them like it is described on the wiki and used the RSAT tool "Sites and services" to add sites, subnets, links ... But for the 4 DCs

Ok, with the smb.conf change and then samba_dnsupdate --rpc-server-ip=192.168.177.19 --use-samba-tool --verbose I got no error messages. Shall I now revert the change? Monitor? At present samba_dnsupdate has nothing to do.. Thanks, Joachim -----Urspr?ngliche Nachricht----- Von: samba <samba-bounces at lists.samba.org> Im Auftrag von Rowland penny via samba Gesendet: Monday, 12 August

On 2015-08-06 18:55, Roel van Meer wrote: > Hi everyone, > > I'm testing with a Samba4 AD network, and I have some problems with > DNS on the second DC, with which I could use a bit of your help. > > I have an AD with two DC's, both Samba 4.2.3. On the first DC, > samba_dnsupdate works fine. With stock 4.2.3 I get the error > > "TSIG error with

L.P.H. van Belle writes: > is the time in sync on your servers ? Yes it is. I managed to make it work by specifying the primary DC as nameserver in /etc/resolv.conf of the secondary DC. As soon as I do that, samba_dnsupdate works on the secondary. When I change it back to use the local Samba as resolver, it no longer works. So it is a DNS issue (possibly related to replication

On Mon, 16 Dec 2024 15:35:40 +0000 Peter Mittermayer via samba <samba at lists.samba.org> wrote: > No, no. All our servers have static IPs. Therefore there is no need > for dyndns update. > > Therefore I keep the line for the tkey-gssapi-keytab in bind > commented, thus disabling all dyndns updates. That isn't what it is only there for. I suggest you find a file called

On 11/19/2015 9:44 AM, Thierry Hotelier wrote: > hello, > we've just upgraded from samba 3.6.6 to samba 4.3.0. We are using > INTERNAL as dns backend. We have 1 domain and 6 DCs on 5 different > sites. Replication between DCs is ok as we can see with "samba-tool > drs showrepl". We configured them like it is described on the wiki and > used the RSAT tool

I have installed samba from source (I've tried both V4-0-stable and v4-1-stable) using BIND9_DLZ on Ubuntu server 13.04 and I'm unable to get samba_dnsupdate to function. # samba_dnsupdate --all-names --fail-immediately will return dns_tkey_negotiategss: TKEY is unacceptable If I then try nsupdate directly: nsupdate -g /tmp/tmpEk4_WK I also get: dns_tkey_negotiategss: TKEY is

On Wed, 16 May 2018 12:32:52 +0200 Stefan Kania via samba <samba at lists.samba.org> wrote: > It's me again :-) > Now we have DDNS with DHCP running but we have a problem on one of our > two DCs. Btw we used the setup and the script from wiki. > Doing a "dhclient" on a host we are getting the following messages: > ------------- > Mai 16 12:13:28 samba41

On 05/06/16 13:43, Jo wrote: >> Your DCs really need to be running at all times, so that replication >> can work properly, also each DC should use the other for their DNS >> server, anything unknown to the DNS servers on the DCs should be >> forwarded to an external DNS that does know or can find out. > I understand that they need to be up simultaneously for

L.P.H. van Belle writes: > check the rights on : > /var/lib/samba/private/dns.keytab 640 root:bind > /var/lib/samba/private/dns 750 root:bind > /var/lib/samba/private/sam.ldb.d 750 root:bind I'm using the internal DNS on both DC's, so I guess bind access rights aren't the issue. Thanks for your answer though :) Regards, Roel > >-----Oorspronkelijk