From: Andrew Bartlett on 12 Jun 2010 06:50

On Fri, 2010-06-11 at 07:41 -0600, Ibrahim Hamouda wrote:
> Hi guys
> I set up my samba4 server with provision. (pdc1)
> Then I set up a DC using net vampire after rolling back to commit 62e0a74 to bypass mdw updates that broke net vampire. (pdc2)
> I had to manually add to the zone in pdc1 the following records to get replication to work:
>
> I made all the modifications in named.txt to bind
>
> pdc2 IN A 192.168.48.236
> <PDC2-GUID>._msdsc IN CNAME pdc2
>
>
> scp the dns.keytab file from pdc1 to pdc2

You should not scp the keytab file anywhere - BIND is only single-master, and so there is only one server that can update DNS, and so only one server to put dns.keytab on.

> modified smb.conf on pdc2 as follows
>
> nsupdate command = /usr/bin/nsupdate -v -k /usr/local/samba/private/dns.keytab

Where did you get that command from?

> The dns update doesn't happen:
>
> on pdc2 I get the following message:
>
> 11-Jun-2010 07:30:16.956 /usr/local/samba/private/dns.keytab:1: unknown option '...'
> 11-Jun-2010 07:30:16.956 /usr/local/samba/private/dns.keytab:1: unknown option '(...'
> 11-Jun-2010 07:30:16.956 /usr/local/samba/private/dns.keytab:1: unexpected token near end of file
> could not read key from /usr/local/samba/private/dns.keytab: unexpected token
>
> Any ideas what am I doing wrong?

Don't set the nsupdate command unless you have configured static keys. (which means a key file you have generated, not the samba-managed Kerberos keytab)

Andrew Bartlett

--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
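
An added example, not part of the original thread or of Samba: a pre-flight check that tells a binary Kerberos keytab from the static key-file formats `nsupdate -k` parses, which is the mismatch behind the "unknown option" errors quoted above. The function names and sample inputs are constructed for illustration.

```python
import base64
import re

# MIT/Heimdal keytabs are binary: byte 0x05, then a format version (0x01 or 0x02).
KEYTAB_MAGIC = (b"\x05\x01", b"\x05\x02")

# named.conf-style key statement, one of the formats `nsupdate -k` parses.
KEY_STMT = re.compile(
    rb'key\s+"?[\w.\-]+"?\s*\{'
    rb'[^}]*\balgorithm\s+[\w\-]+\s*;'
    rb'[^}]*\bsecret\s+"[A-Za-z0-9+/=]+"\s*;'
    rb'[^}]*\}\s*;',
    re.S,
)

def classify_key_material(data: bytes) -> str:
    """Return the kind of key file the bytes look like."""
    if data[:2] in KEYTAB_MAGIC:
        return "kerberos-keytab"
    if KEY_STMT.search(data):
        return "tsig-key-statement"
    if data.lstrip().startswith(b"Private-key-format:"):
        return "dnssec-keygen-private"
    return "unknown"

def usable_with_nsupdate_k(data: bytes) -> bool:
    """True only for static-key formats; a keytab is never one of them."""
    return classify_key_material(data) in ("tsig-key-statement", "dnssec-keygen-private")

# Constructed samples (not taken from the thread).
SAMPLE_KEYTAB = b"\x05\x02" + b"\x00\x00\x00\x10" + b"\x00" * 16
SAMPLE_TSIG = (
    b'key "ddns-example" {\n'
    b"    algorithm hmac-sha256;\n"
    b'    secret "' + base64.b64encode(b"constructed-example-key") + b'";\n'
    b"};\n"
)

if __name__ == "__main__":
    import sys
    with open(sys.argv[1], "rb") as fh:
        kind = classify_key_material(fh.read())
    print(kind)
    sys.exit(0 if kind not in ("kerberos-keytab", "unknown") else 1)
```

Run against the path configured after `-k`, it exits non-zero for a keytab, so the check can gate a deployment script before the `nsupdate command` setting is changed.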