LinuxQuestions.org


deep27ak 05-21-2012 08:33 AM

samba4 configuration error
 
Hello

Can anyone here help me configure samba4 as PDC on CentOS6? I have tried samba3 but now I want to use samba4 because I am having some problems in running group policy using samba3 on Windows 7.

I want to implement samba4 with Kerberos and DNS server as per the howto tutorials on the sambahowto homepage. But I am getting stuck at the DNS and Kerberos part.

I have successfully configured the DNS server. I have created these entries manually in the zone files as I could not locate any zone file which was supposed to be created automatically once I run the provision command. But I never got any error for all the commands before this one.
Code:

# host -t A samba.samdom.example.com.
samba.samdom.example.com has address 10.10.10.176

Here is another error:
Code:

# host -t SRV _ldap._tcp.samdom.example.com.
Host _ldap._tcp.samdom.example.com. not found: 3(NXDOMAIN)

Code:

host -t SRV _kerberos._udp.samdom.example.com.
Host _kerberos._udp.samdom.example.com. not found: 3(NXDOMAIN)


Code:

# nslookup kerberos.samdom.example.com
Server:        10.10.10.176
Address:        10.10.10.176#53

Name:  kerberos.samdom.example.com
Address: 10.10.10.176

But I am not able to get a positive reply for Kerberos:
Code:

# kinit administrator@SAMDOM.EXAMPLE.COM
kinit: Cannot resolve network address for KDC in realm "SAMDOM.EXAMPLE.COM" while getting initial credentials

This is my /etc/krb5.conf file:
Code:

[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 default_realm = SAMDOM.EXAMPLE.COM
 dns_lookup_realm = false
 dns_lookup_kdc = false
 ticket_lifetime = 24h
 renew_lifetime = 7d
 forwardable = true

[realms]
 SAMDOM.EXAMPLE.COM = {
  kdc = kerberos.samdom.example.com
  admin_server = kerberos.samdom.example.com
 }

[domain_realm]
 .samdom.example.com = SAMDOM.EXAMPLE.COM
 samdom.example.com = SAMDOM.EXAMPLE.COM
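
The check below is an added example, not part of the thread or the Samba howto. It models how a Kerberos client finds a KDC from the krb5.conf posted above: static `kdc` entries need an address record, otherwise `dns_lookup_kdc` must be enabled and the `_kerberos._udp` SRV record must exist. The function names, the `ZONE` mapping and its record data are constructed for illustration, and an unset `dns_lookup_kdc` is assumed to mean true.

```python
# Constructed sample: trimmed copy of the krb5.conf posted above.
KRB5_CONF = """\
[libdefaults]
 default_realm = SAMDOM.EXAMPLE.COM
 dns_lookup_kdc = false
[realms]
 SAMDOM.EXAMPLE.COM = {
  kdc = kerberos.samdom.example.com
 }
"""
# Constructed zone contents: (name, type) -> record data.
ZONE = {("samba.samdom.example.com", "A"): "10.10.10.176",
        ("kerberos.samdom.example.com", "A"): "10.10.10.176"}


def parse_krb5(text):
    """Return (libdefaults dict, {realm: [kdc hosts]}) from krb5.conf text."""
    section, realm, libdefaults, kdcs = None, None, {}, {}
    for line in (raw.strip() for raw in text.splitlines()):
        if line.startswith("["):
            section, realm = line.strip("[]").lower(), None
        elif line == "}":
            realm = None
        elif "=" in line and line[0] not in "#;":  # skip comment lines
            key, value = (p.strip() for p in line.split("=", 1))
            if section == "realms" and value == "{":
                realm, kdcs[key] = key, []
            elif section == "realms" and realm and key == "kdc":
                kdcs[realm].append(value.split(":")[0].lower())  # drop :port
            elif section == "libdefaults":
                libdefaults[key] = value
    return libdefaults, kdcs


def kdc_lookup_gaps(conf_text, zone):
    """Records kinit needs to reach a KDC for the default realm but the zone lacks."""
    libdefaults, kdcs = parse_krb5(conf_text)
    realm = libdefaults["default_realm"]
    hosts = kdcs.get(realm, [])
    if not hosts:  # no static kdc entries: only SRV discovery can find a KDC
        # Assumption: an unset dns_lookup_kdc is treated as true.
        if libdefaults.get("dns_lookup_kdc", "true").lower() not in ("true", "yes", "on", "1"):
            return [(realm, "no kdc entry and dns_lookup_kdc disabled")]
        srv = ("_kerberos._udp." + realm.lower(), "SRV")
        if srv not in zone:
            return [srv]
        hosts = [zone[srv].split()[-1].rstrip(".").lower()]  # SRV target host
    return [(h, "A") for h in hosts
            if (h, "A") not in zone and (h, "AAAA") not in zone]
```

An empty result means every name the client will look up is present; with the posted settings the SRV records are never consulted, so only the address record for the `kdc` host matters to kinit.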


heinblöd 05-22-2012 12:09 PM

Well I can't really help with this, but just two observations:

1. The use of "example.com" like this from the tutorial may not be a good choice as it is a valid domain name
Code:

host example.com
example.com has address 192.0.43.10
example.com has IPv6 address 2001:500:88:200::10

Maybe use the "samdom.mydomain.local" naming scheme, as it would be a convention (or just a habit, maybe) in Windows domains.


2. As far as I remember, the "_ldap._tcp" etc. entries are pointers to the main domain in Windows PDC.
What if you just try to create them manually?
Or if it's those you already created manually, change the domain name.
I'm almost sure the host command is returning the real request from example.com in this case.

deep27ak 05-23-2012 03:38 AM

Thanks for the reply

Well, I was able to overcome that error and now my samba4 is working fine. I am able to join a Windows XP client to the domain without any registry changes, but again I am facing some problem with Windows 7.

The Windows 7 machine is able to join the server domain, but when I try to log in to the machine I receive an error:

"trust relationship between this workstation and primary domain failed windows 7"

In samba3, when I used to get this error, I simply added the NetBIOS name of the client machine to the server machine using useradd, but I don't get how I can do the same for samba4.

Even if I add the add machine script in /usr/local/samba/etc/smb.conf, I get an error:
Unknown parameter encountered: "add machine script"
Ignoring unknown parameter "add machine script"
smbd version 4.0.0alpha6 started.
Copyright Andrew Tridgell and the Samba Team 1992-2009


Have you faced any such issue, or do you know any solution for the same?

