Web lists-archives.com

Re: [Samba] client @0x7f6ed800bc20 update 'campus.company.intra/IN' denied

On Mon, 2 Jul 2018 12:12:07 -0300
Elias Pereira via samba <samba@xxxxxxxxxxxxxxx> wrote:

> >
> > Hmm, bind 9.12.x isn't supported yet.
> He works with "dlopen
> /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_11.so" without
> problems, at first.

I repeat, Bind 9.12.x is unsupported at this time, just because it
worked once is no reason to use it. It may have nothing to do with your
problem, but using a supported Bind version will rule it out.

> include "/etc/bind/rndc.key";
> > controls {
> >           inet allow { localhost; } keys { rndc-key;};
> > };
> > You do not need the four lines above
> Ok, but if I leave it, does not have problems either, I believe!?

OK, your server, but I think you should be aware that I have been using
Bind9 with Samba since December 2012 and I have never used the rndc.key

> You mention '#public IP' twice, are they both the same IP and is it
> > the DC ipaddress and if so, why are you trying to forward the DC to
> > itself ?
> No, two different networks.
> xxx.xxx.xxx.0/26
> xxx.xxx.xxx.128/26
> Sometimes the "samba_dlz: spnego update failed" appears in the log. I
> found this link talks about the problem.
> https://bugzilla.redhat.com/show_bug.cgi?id=1528867
> I added the "KRB5RCACHETYPE="none"" on the /etc/default/bind9, but the
> error message keeps.

That is if you are using the MIT kerberos with Samba, instead of the
default HEIMDAL.


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba