[Samba] samba4 DNS error when joining domain

Discussion:

(too old to reply)

steve

2012-04-01 16:20:01 UTC

Hi
Joining a lubuntu 11.10 client to the domain I get this:

net ads join -UAdministrator
Enter Administrator's password:
Using short domain name -- POLOP
Joined 'LUBUNTU7' to realm 'hh3.site'
No DNS domain configured for lubuntu7. Unable to perform DNS Update.
DNS update failed!

during the join this all seems OK:

Kerberos: Looking for PKINIT pa-data -- LUBUNTU7$@HH3.SITE
Kerberos: Looking for ENC-TS pa-data -- LUBUNTU7$@HH3.SITE
Kerberos: No preauth found, returning PREAUTH-REQUIRED -- LUBUNTU7$@HH3.SITE
Kerberos: AS-REQ LUBUNTU7$@HH3.SITE from ipv4:192.168.1.24:59014 for
krbtgt/***@HH3.SITE
Kerberos: Client sent patypes: encrypted-timestamp, 149
Kerberos: Looking for PKINIT pa-data -- LUBUNTU7$@HH3.SITE
Kerberos: Looking for ENC-TS pa-data -- LUBUNTU7$@HH3.SITE
Kerberos: ENC-TS Pre-authentication succeeded -- LUBUNTU7$@HH3.SITE
using arcfour-hmac-md5
Kerberos: AS-REQ authtime: 2012-04-01T18:05:39 starttime: unset endtime:
2012-04-02T04:05:39 renew till: 2012-04-02T18:05:20

Then, after:
net ads keytab create
everyone can work fine.

Just worried about the error message on joining.
Any ideas? Ignore?

Thanks,
Steve

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba

Matthieu Patou

2012-04-02 05:20:02 UTC

Permalink

Steve,

Post by steve
Hi
net ads join -UAdministrator
Using short domain name -- POLOP
Joined 'LUBUNTU7' to realm 'hh3.site'
No DNS domain configured for lubuntu7. Unable to perform DNS Update.
DNS update failed!
Kerberos: No preauth found, returning PREAUTH-REQUIRED --
Kerberos: Client sent patypes: encrypted-timestamp, 149
using arcfour-hmac-md5
Kerberos: AS-REQ authtime: 2012-04-01T18:05:39 starttime: unset
endtime: 2012-04-02T04:05:39 renew till: 2012-04-02T18:05:20
net ads keytab create
everyone can work fine.

The title seems to indicate samba4 when the body seems to indicate samba 3.
Am I guessing right that you have this problem with a samba 3.x with
samba 4 acting as a AD DC.

If so with which version of samba3 do you have this problem, samba 3.5.x
branch and early 3.6 have this problem even with MS AD, fix are present
in the master git tree to fix this problem.

Matthieu.

--
Matthieu Patou
Samba Team
http://samba.org
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba

steve

2012-04-02 17:30:03 UTC

Permalink

Post by Matthieu Patou
Steve,

Post by steve
net ads keytab create
everyone can work fine.

The title seems to indicate samba4 when the body seems to indicate samba 3.
Am I guessing right that you have this problem with a samba 3.x with
samba 4 acting as a AD DC.
If so with which version of samba3 do you have this problem, samba 3.5.x
branch and early 3.6 have this problem even with MS AD, fix are present
in the master git tree to fix this problem.
Matthieu.

Hi
I installed the samba-client rpm (openSUSE 12.1) simply to get the net
command as an easy way to make a keytab fr the client. My Linux users
have their posix attributes stored in s4 ldap and need the machine key
for nfs.

As I say, everything works but I was concerned about the error message.
Cheers,
Steve

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba