Displaying 20 results from an estimated 2000 matches similar to: "DNS issues"
2016 Jul 08
1
Unable to transfer ForestDns/DomainDNS
I bumped the logging up.
samba-tool domain level raise --domain-level=2008_R2
schema_fsmo_init: we are master[yes] updates allowed[no]
schema_fsmo_init: we are master[yes] updates allowed[no]
The updates_allowed[no] concerns me?
On Fri, Jul 8, 2016 at 9:45 AM, Jason Waters <jason at geeknocity.com> wrote:
> I'm pretty sure the domain level raise is failing on this system.
2018 May 02
2
samba_dnsupdate --all-names -> dns_tkey_negotiategss: TKEY is unacceptable
Hello,
we have the following problem with a ADDC Sernet 4.7.6-11 on CentOS 7.4.
We have two DCs, replication is working fine. We use bind9 as
dns-backend. When we do a "samba_dnsupdate --all-names" we get the
following messages:
-------------------
[root at dc1 ~]# samba_dnsupdate --all-names
dns_tkey_negotiategss: TKEY is unacceptable
dns_tkey_negotiategss: TKEY is unacceptable
2013 Jan 02
3
Samba ADDS DC krb5 and samba_nsupdate
Hello
I tried on two vms on my vmware Workstation to use samba as DC.
I want use BIND for dns system.
To join the Domain had worked successfully after I recompiled the bind.
It seems the zone are the same but Samba isn't in the ns-record.
If I run dcpromo.exe I get this error message:
This Active Directory DC is the last dns-server for the AD-zones.
If I remove the DC the dns-names
2017 Sep 27
2
Samba as AD travails
Many (many) hours later, I'm finally throwing in the towel and seeking help.
I have read everything I can find on the internet to no avail to get past
my issues. I have to say, I'm very disappointed in the general quality and
fragmentation of information on this topic. Samba isn't a turn-key
solution as an AD by any stretch of the imagination. I've run the gamut so
far with
2016 Sep 30
2
GSSAPI - Server not found errors
I think I'm missing some SRV records...
Calling nsupdate for SRV _ldap._tcp.Default-First-Site-Name._
sites.ForestDnsZones.mydomain.com dc03.mydomain.com 389 (add)
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
2015 Aug 06
2
2nd DC, internal DNS: dns_tkey_negotiategss: TKEY is unacceptable - SOLVED
L.P.H. van Belle writes:
> is the time in sync on your servers ?
Yes it is.
I managed to make it work by specifying the primary DC as nameserver in
/etc/resolv.conf of the secondary DC. As soon as I do that, samba_dnsupdate
works on the secondary. When I change it back to use the local Samba as
resolver, it no longer works.
So it is a DNS issue (possibly related to replication
2015 Nov 19
1
Samba 4.3.0 and DNS entries missing for DCs
On 11/19/2015 9:44 AM, Thierry Hotelier wrote:
> hello,
> we've just upgraded from samba 3.6.6 to samba 4.3.0. We are using
> INTERNAL as dns backend. We have 1 domain and 6 DCs on 5 different
> sites. Replication between DCs is ok as we can see with "samba-tool
> drs showrepl". We configured them like it is described on the wiki and
> used the RSAT tool
2018 May 16
2
DDNS Error
It's me again :-)
Now we have DDNS with DHCP running but we have a problem on one of our
two DCs. Btw we used the setup and the script from wiki.
Doing a "dhclient" on a host we are getting the following messages:
-------------
Mai 16 12:13:28 samba41 dhcpd[3961]: Commit: IP: 192.168.0.249 DHCID:
1:50:5b:5d:1c:ab:aa Name: horst
Mai 16 12:13:28 samba41 dhcpd[3961]: execute_statement
2015 Aug 06
2
2nd DC, internal DNS: dns_tkey_negotiategss: TKEY is unacceptable
L.P.H. van Belle writes:
> check the rights on :
> /var/lib/samba/private/dns.keytab 640 root:bind
> /var/lib/samba/private/dns 750 root:bind
> /var/lib/samba/private/sam.ldb.d 750 root:bind
I'm using the internal DNS on both DC's, so I guess bind access rights
aren't the issue.
Thanks for your answer though :)
Regards,
Roel
> >-----Oorspronkelijk
2015 Dec 30
4
dns_tkey_negotiategss: TKEY is unacceptable
Hello!
I've got this error
dns_tkey_negotiategss: TKEY is unacceptable
when running samba_dnsupdate --verbose
With this error dynamic entries stopped working as Type A machines that
entered in the field or entry to a new DC.
Already tried the step described here
https://wiki.samba.org/index.php/Dns_tkey_negotiategss:_TKEY_is_unacceptable
But when trying to delete the account used the
2013 Jul 26
1
Samba 4 dnsupdate errors
I have installed samba from source (I've tried both V4-0-stable and
v4-1-stable) using BIND9_DLZ on Ubuntu server 13.04 and I'm unable to
get samba_dnsupdate to function.
# samba_dnsupdate --all-names --fail-immediately
will return
dns_tkey_negotiategss: TKEY is unacceptable
If I then try nsupdate directly:
nsupdate -g /tmp/tmpEk4_WK
I also get:
dns_tkey_negotiategss: TKEY is
2015 Aug 06
4
2nd DC, internal DNS: dns_tkey_negotiategss: TKEY is unacceptable
Hi everyone,
I'm testing with a Samba4 AD network, and I have some problems with DNS on
the second DC, with which I could use a bit of your help.
I have an AD with two DC's, both Samba 4.2.3. On the first DC,
samba_dnsupdate works fine. With stock 4.2.3 I get the error
"TSIG error with server: tsig verify failure"
but the DNS updates succeed anyway, and after applying
2018 Jan 09
3
samba_dlz shutting down on named reload
Hello there.
I´ve been having problems with dynamic dns update by dhcp on my samba ADDC
running on CentOS 7 on an RPI2. After a while, the dhccp_dyndns.sh stops
stops being able to authenticate with named.
for the longest time I was stumped with this, exploring all kinds of
kerberos issues, but found out that *restartint* named did resolve the
issue.
I have finally traced this problem down to a
2014 May 08
1
Trouble demoting DC with broken replication
Hi all,
I am currently struggling to remove one of our Samba4 DC from the
domain. Some time ago, adding a new Samba DC to our AD did not succeed
and I had to demote the new server again. After removal, replication on
one of the old/existing DCs got weird.
/usr/local/samba/bin/samba-tool drs showrepl gives the following:
Standardname-des-ersten-Standorts\dc02
DSA Options: 0x00000001
DSA object
2018 May 16
3
DDNS Error
The DDNS setup from the wiki uses the keytab of the seperate
"Unprivileged user for TSIG-GSSAPI DNS updates via ISC DHCP server"
you have to Check this one not the one which BIND uses.
Regards
Am 16.05.2018 um 12:45 schrieb Rowland Penny via samba:
> On Wed, 16 May 2018 12:32:52 +0200 Stefan Kania via samba
> <samba at lists.samba.org> wrote:
>
>> It's me
2015 Mar 27
2
Replication error after trying to sync sysvol
I tried to synchronize the sysvol folders, on two dcs. Something went
wrong since yesterday we have replication problems:
One machine shows this, while the other one is happy.
samba-tool drs showrepl
==== INBOUND NEIGHBORS ====
DC=DomainDnsZones,DC=ourdomain,DC=com
Default-First-Site-Name\DC03 via RPC
DSA object GUID: af610e1a-9e3b-4cdd-a36b-c296d77a9479
Last attempt @
2019 Mar 08
2
ipconfig /registerdns & PTR Records
Hello $LIST,
i setup a new clean domain to examine the feature of updating/creating PTR records. When i call ipconfig /registerdns on the client i get this entry in the windows eventlog (sorry german)
Fehler beim Registrieren der Hostressourceneinträge (A oder AAAA) für den Netzwerkadapter
mit den folgenden Einstellungen:
Adaptername: {2A467E48-624B-4CCF-9B7D-9BA5629D8117}
2014 Sep 12
1
Group Policy failures related to machine password replication
We are using Samba-4.1.11.
I can run gpupdate /force without error on my machine.
H:\>type \\dc01.mediture.dom\SysVol\mediture.dom\Policies\{77F82F0F-AE2B-42F3-B173-D42F4BEEC0BA}\gpt.ini
[General]
Version=65551
displayName=New Group Policy Object
H:\>type \\dc02.mediture.dom\SysVol\mediture.dom\Policies\{77F82F0F-AE2B-42F3-B173-D42F4BEEC0BA}\gpt.ini
[General]
Version=65551
displayName=New
2016 Nov 17
2
readonly DC?
Hello Samba-ers,
I tried to continue my Samba setup after a long pause doing other stuff.
To recall, I want to run two Samba DCs for one domain as virtual machines on
two Windows systems (I switched from VirtualBox to Hyper V, which helps to
run them automatically at system startup, but I don´t think that really
matters). Both DCs shall use themselves as DNS server as the VPN in between
is
2016 Sep 27
1
named ( bind 9.9.4 ) fails to start
Thanks Rowland,
You saved me from a world of pain, I've now got named back up and running
and also accessible via windows DNS GUI.
the SOA record still says ns=dc03.. which is strange and the only place
dc03 exists in the ouput of
samba-tool dns query localhost mydomain.com @ ALL
Is this something I can fix in the windows DNS GUI or do I need to do
something with like FSMO ?
Which btw