similar to: Samba4 AD with bind DNS / TKEY is unacceptable

Displaying 20 results from an estimated 40000 matches similar to: "Samba4 AD with bind DNS / TKEY is unacceptable"

2013 Sep 11
2
Samba4 AD with bind DNS / TKEY is unacceptable
Hi, i try to migrate an existing W2k3 AD to Samba4 with bind. Everything works fine, but dnsupdate fails with error: "dns_tkey_negotiategss: TKEY is unaccepteable". I found a lot of discussions around this topic, but no solution. Envirenment: OS: SLES11 SP3 with bind 9.9.3P2 Samba Packages from Servet: sernet-samba-4.0.9-5.suse111 I checked the following Points: After joining the
2018 May 02
2
samba_dnsupdate --all-names -> dns_tkey_negotiategss: TKEY is unacceptable
Hello, we have the following problem with a ADDC Sernet 4.7.6-11 on CentOS 7.4. We have two DCs, replication is working fine. We use bind9 as dns-backend. When we do a "samba_dnsupdate --all-names" we get the following messages: ------------------- [root at dc1 ~]# samba_dnsupdate --all-names dns_tkey_negotiategss: TKEY is unacceptable dns_tkey_negotiategss: TKEY is unacceptable
2020 Jul 06
0
dns_tkey_gssnegotiate: TKEY is unacceptable
On 7/3/2020 10:01 AM, Robert E. Wooden via samba wrote: > On 7/3/2020 9:50 AM, Rowland penny via samba wrote: >> Originally, Samba used /var/lib/samba/private for the dns.keytab and >> other dns files. This was then found to be possibly insecure, so it >> was decided to use /var/lib/samba/bind-dns instead. When you upgrade >> the Samba packages, the old files are not
2023 Mar 28
0
dns_tkey_gssnegotiate: TKEY is unacceptable
My OS is Ubuntu 20.04, with Samba version 4.15.13. bind is 9.16 I have an existing domain controller (compumaxdc01) and joined another (compumaxdc03) to act as a secondary/back according to the instructions on the wiki here https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory Both are using bind-dns as the backend, so I've made sure to not use the dns.keytab in
2020 Jul 03
2
dns_tkey_gssnegotiate: TKEY is unacceptable
On 7/3/2020 9:31 AM, Rowland penny via samba wrote: > Does 'sudo rm -f /var/lib/samba/private/dns.keytab' give you any hint > to which is the correct keytab ? > > Rowland > While waiting for your reply, I began checking my BIND9 setup. Having used many of Louis' "sed" strings instructions, one those strings direct "tkey-gssapi-keytab" to use
2014 Feb 12
1
TKEY is unacceptable
Samba 4.1.1 using BIND_DLZ (bind-9.9.1-0.1.P2) on CentOS 6.5 x86_64. I have two domain controllers, dc-1 and dc-2, which each have three network interfaces. Selinux is in permissive mode, and iptables is off. One interface on each dc is to be shut down. So, on dc-1, I do: # nsupdate -g update delete europa.icse.cornell.edu A 192.168.3.250 update delete europa.icse.cornell.edu A 192.168.3.251
2013 Sep 06
0
Samba 4 "TKEY is unacceptable" driving me NUTS!
I've installed Samba 4.09 on ubuntu with bind 9.8.1-P1, the former compiled from git source and the latter installed from apt-get. I'm migrating from an existing Windows 2008 SBS domain controller that I want to retire (and be Windows free on the server side), and have followed the instructions on the Samba wiki for setting up Bind and migrating. When I run a samba_dnsupate -verbose
2020 Jul 03
0
dns_tkey_gssnegotiate: TKEY is unacceptable
On 03/07/2020 15:40, Robert E. Wooden via samba wrote: > On 7/3/2020 9:31 AM, Rowland penny via samba wrote: >> Does 'sudo rm -f /var/lib/samba/private/dns.keytab' give you any hint >> to which is the correct keytab ? >> >> Rowland >> > While waiting for your reply, I began checking my BIND9 setup. > > Having used many of Louis'
2018 May 02
0
samba_dnsupdate --all-names -> dns_tkey_negotiategss: TKEY is unacceptable
On Wed, 2 May 2018 13:54:01 +0200 Stefan Kania via samba <samba at lists.samba.org> wrote: > Hello, > we have the following problem with a ADDC Sernet 4.7.6-11 on CentOS > 7.4. We have two DCs, replication is working fine. We use bind9 as > dns-backend. When we do a "samba_dnsupdate --all-names" we get the > following messages: > ------------------- > [root at
2018 Mar 15
0
DNS Updates fail with dns_tkey_gssnegotiate: TKEY is unacceptable
Hi, I have a test system with two DCs based on samba v 4.8.0 with BIND9_DLZ as the dns backend running on a fresh install of Gentoo. I can't get DNS Updates to work on both DCs. If I issue the command: samba_dnsupdate --verbose after the 2nd DC has joined the domain I get the errors (just showing the last entry): update(nsupdate): SRV
2011 Jun 21
1
tkey-gssapi-credential and bind (Samba4)
So I am in step 10 of the samba4 howto (https://wiki.samba.org/index.php/Samba4/HOWTO#Step_10_Configure_kerberos_DNS_dynamic_updates); my bind9 is 9.7.3 which seems to be current enough for this. In it we are to add tkey-gssapi-credential "DNS/samdom.example.com"; tkey-domain "SAMDOM.EXAMPLE.COM"; to /etc/bind/named.conf.options. Since my test domain is test.domain.com,
2015 Aug 06
0
2nd DC, internal DNS: dns_tkey_negotiategss: TKEY is unacceptable
is the time in sync on your servers ? >-----Oorspronkelijk bericht----- >Van: samba [mailto:samba-bounces at lists.samba.org] Namens Roel van Meer >Verzonden: donderdag 6 augustus 2015 9:28 >Aan: samba at lists.samba.org >Onderwerp: Re: [Samba] 2nd DC, internal DNS: >dns_tkey_negotiategss: TKEY is unacceptable > >L.P.H. van Belle writes: > >> check the rights
2015 Aug 06
0
2nd DC, internal DNS: dns_tkey_negotiategss: TKEY is unacceptable
check the rights on : /var/lib/samba/private/dns.keytab 640 root:bind /var/lib/samba/private/dns 750 root:bind /var/lib/samba/private/sam.ldb.d 750 root:bind Greetz, Louis >-----Oorspronkelijk bericht----- >Van: samba [mailto:samba-bounces at lists.samba.org] Namens Roel van Meer >Verzonden: donderdag 6 augustus 2015 8:55 >Aan: samba at lists.samba.org >Onderwerp: [Samba] 2nd
2019 Feb 26
1
AD-DC Bind: TKEY is unacceptable
I'm having trouble with nsupdates.  I'm getting TKEY is unacceptable. I'm using Fedora 29, with its packages: [root at dc2 kwhite]# rpm -qa | grep samba samba-4.9.4-1.fc29.x86_64 samba-dc-bind-dlz-4.9.4-1.fc29.x86_64 samba-common-4.9.4-1.fc29.noarch samba-libs-4.9.4-1.fc29.x86_64 samba-dc-libs-4.9.4-1.fc29.x86_64 samba-winbind-4.9.4-1.fc29.x86_64 samba-common-libs-4.9.4-1.fc29.x86_64
2012 Dec 09
1
Fwd: samba_dnsupdate principal and TKEY unacceptable
Hi, I am trying to run samba with bind_dlz (bind-9.9.1 - P1) on a multi-homed network. I have configured the setup as per Samba4 Howto. But when I try to do "samba_dnsupdate --all-names" it fails with error: dns_tkey_negotiategss: TKEY is unacceptable The kerberos ticket being used by samba_dnsupdate shows follwoing principals: klist -c /tmp/tmp6cxfgY Ticket cache: FILE:/tmp/tmp6cxfgY
2015 Aug 06
0
2nd DC, internal DNS: dns_tkey_negotiategss: TKEY is unacceptable - SOLVED
On 06/08/15 09:08, Roel van Meer wrote: > L.P.H. van Belle writes: > >> is the time in sync on your servers ? > > Yes it is. > > I managed to make it work by specifying the primary DC as nameserver > in /etc/resolv.conf of the secondary DC. As soon as I do that, > samba_dnsupdate works on the secondary. When I change it back to use > the local Samba as resolver,
2020 Jul 03
0
dns_tkey_gssnegotiate: TKEY is unacceptable
On 03/07/2020 14:39, Robert E. Wooden via samba wrote: > As the subject says, dns_tkey_gssnegotiate: TKEY is unacceptable. > > I have internet searched for solutions. > > I have done everything on > /wiki.samba.org/index.php/Dns_tkey_negotiategss:_TKEY_is_unacceptable/ > and I am still getting: > > At the end of "root at dc01:~# samba_dnsupdate --verbose
2020 Jul 03
2
dns_tkey_gssnegotiate: TKEY is unacceptable
As the subject says, dns_tkey_gssnegotiate: TKEY is unacceptable. I have internet searched for solutions. I have done everything on /wiki.samba.org/index.php/Dns_tkey_negotiategss:_TKEY_is_unacceptable/ and I am still getting: At the end of "root at dc01:~# samba_dnsupdate --verbose --all-names": dns_tkey_gssnegotiate: TKEY is unacceptable Failed nsupdate: 1 Failed update of 29
2016 May 23
0
DC2: TKEY is unacceptable, Failed DNS update?
Hi, Are you using Samba's internal DNS or Bind? If you are using Bind9_DLZ as dns-backend it should be a right issue on files used by Bind itself (ie private/dns.keytab, private/named.conf, private/dns or private/dns/* and of course private itself). If you are running internal DNS as backend, you can change that parameter into smb.conf: from: allow dns updates = secure only (default, not
2012 Sep 29
1
Samba4 LDAP returns wrong responses in some cases, BIND-DLZ refuses to update
Hello. We have a couple of questions regarding Samba 4.1.0pre1-GIT-aad669b running on Gentoo GNU/Linux 1) Is MS 1.2.840.113556.1.4.1941 operator support implemented (planned to be implemented) in Samba 4 internal LDAP server? Please compare: $ ldapsearch -h 192.168.1.32 -x -D 'CN=someadminuser,OU=Administrators,DC=klin,DC=kifato-mk,DC=com' -b