Re: Samba 4 Cannot contact any KDC for requested realm

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



2012-01-21 09:42 keltezéssel, steve írta:
> Version 4.0.0alpha18-GIT-957ec28 with dns hh3.site realm SITE
> After starting samba -i -d3,
> wbinfo -i someuser
> gives this:
>
> ldb_wrap open of secrets.ldb
> using SPNEGO
> Selected protocol [8][NT LANMAN 1.0]
> Cannot reach a KDC we require to contact cifs/hh3.site@SITE : kinit
> for HH3$@SITE failed (Cannot contact any KDC for requested realm)
> SPNEGO(gssapi_krb5) NEG_TOKEN_INIT failed: NT_STATUS_NO_LOGON_SERVERS
>
>
> ldb_wrap open of secrets.ldb
> schannel_fetch_session_key_tdb: restored schannel info key
> SECRETS/SCHANNEL/HH3
> Cannot reach a KDC we require to contact host/hh3.site@SITE : kinit
> for HH3$@SITE failed (Cannot contact any KDC for requested realm)
> SPNEGO(gssapi_krb5) creating NEG_TOKEN_INIT failed:
> NT_STATUS_NO_LOGON_SERVERS
>
> wbinfo -u works fine and shows a list of users. Subsequent calls to
> wbinfo do not produce this error. It only happens the first time after
> samba is started.
>
> <dare not mention>
> This may coincide with yesterday's bind 9 update from openSUSE
> </dare not mention>
>
> This seems OK no?
> Calling DNS name update script
> Calling SPN name update script
> Completed SPN update check OK
> Completed DNS update check OK
>
> and all the dns and kinit test stuff on the wiki checks out too.
>
> Any ideas?
> Thanks,
> Steve
Glad you have mentioned bind, in my experience 90% of kerberos related
problems were caused by failure to look up names. On my test system (I
haven't used Samba4 in production yet) I use bind9.8 with thedlz
backend. After I restart samab4 I have to restart bind9 as well, because
otherwise there is no name resolution possible.

Hope that helps

Geza
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba



[Linux]     [Info Cyrus]     [LARTC]     [Bugtraq]     [Netfilter]     [Internet Dating Forums]     [RAID]     [Yosemite News]     [Photography]

Add to Google Powered by Linux