FreeBSD 11.3
File system: ZFS
Samba411
Bind916
My actions:
1)
/usr/ports/dns/bind916/make install clean
/usr/ports/net/samba411/make install clean
(I selected the option "Use BIND 9.16")
(I added option NTVFS)
2)
samba-tool domain provision -–domain=DOMENFO –-host-name=DC1 –-host-ip=192.168.10.10 –-use-rfc2307 –-realm=domenfo.local –-server-role=dc –-dns-backend=BIND9_DLZ –-adminpass=******** —-use-ntvfs
3)
I changed the file named.conf
I added the lines
tkey-gssapi-keytab "/var/db/samba4/private/dns.keytab";
minimal-responses yes;
include "/var/db/samba4/bind-dns/named.conf";
4)
cp /var/db/samba4/private/krb5.conf /usr/local/etc/krb5.conf
5)
My rights
-rwxrwxr-x 1 bind bind 21842 May 21 09:10 named.conf
-rwxrwxr-x 1 bind bind 250 May 21 07:55 localhost-forward.db
-rwxrwxr-x 1 bind bind 318 May 21 07:55 localhost-reverse.db
-rw-r--r-- 1 bind bind 94 May 21 08:42 krb5.conf
-rwxrwxr-x 2 bind bind 747 May 21 08:36 dns.keytab
6)
Verification successful
root@DC1:~ # smbclient //localhost/netlogon -UAdministrator -c 'ls'
root@DC1:~ # host -t SRV _ldap._tcp.domenfo.local.
root@DC1:~ # host -t SRV _kerberos._udp.domenfo.local.
root@DC1:~ # host -t A domenfo.local.
root@DC1:~ # kinit administrator@DOMENFO.LOCAL
root@DC1:~ # klist
7)
samba_dnsupdate --verbose --all-names
I changed the file smb4.conf
I added the lines
nsupdate command = /usr/local/sbin/samba_dnsupdate -g
samba_dnsupdate --verbose --all-names
Total:
Tell me what is the problem?
P.S.
My application configuration files:
/usr/local/etc/krb5.conf
/usr/local/etc/smb4.conf
/usr/local/etc/namedb/named.conf
/etc/resolv.conf
/var/db/samba4/bind-dns/named.conf
File system: ZFS
Samba411
Bind916
My actions:
1)
/usr/ports/dns/bind916/make install clean
/usr/ports/net/samba411/make install clean
(I selected the option "Use BIND 9.16")
(I added option NTVFS)
2)
samba-tool domain provision -–domain=DOMENFO –-host-name=DC1 –-host-ip=192.168.10.10 –-use-rfc2307 –-realm=domenfo.local –-server-role=dc –-dns-backend=BIND9_DLZ –-adminpass=******** —-use-ntvfs
3)
I changed the file named.conf
I added the lines
tkey-gssapi-keytab "/var/db/samba4/private/dns.keytab";
minimal-responses yes;
include "/var/db/samba4/bind-dns/named.conf";
4)
cp /var/db/samba4/private/krb5.conf /usr/local/etc/krb5.conf
5)
My rights
-rwxrwxr-x 1 bind bind 21842 May 21 09:10 named.conf
-rwxrwxr-x 1 bind bind 250 May 21 07:55 localhost-forward.db
-rwxrwxr-x 1 bind bind 318 May 21 07:55 localhost-reverse.db
-rw-r--r-- 1 bind bind 94 May 21 08:42 krb5.conf
-rwxrwxr-x 2 bind bind 747 May 21 08:36 dns.keytab
6)
Verification successful
root@DC1:~ # smbclient //localhost/netlogon -UAdministrator -c 'ls'
Code:
Enter DOMENFO\Administrator's password:
. D 0 Thu May 21 08:36:03 2020
.. D 0 Thu May 21 08:36:08 2020
39560476 blocks of size 1024. 37795404 blocks available
root@DC1:~ # host -t SRV _ldap._tcp.domenfo.local.
Code:
_ldap._tcp.domenfo.local has SRV record 0 100 389 dc1.domenfo.local.
root@DC1:~ # host -t SRV _kerberos._udp.domenfo.local.
Code:
_kerberos._udp.domenfo.local has SRV record 0 100 88 dc1.domenfo.local.
root@DC1:~ # host -t A domenfo.local.
Code:
domenfo.local has address 192.168.10.10
root@DC1:~ # kinit administrator@DOMENFO.LOCAL
root@DC1:~ # klist
Code:
Credentials cache: FILE:/tmp/krb5cc_0
Principal: administrator@DOMENFO.LOCAL
Issued Expires Principal
May 21 09:41:01 2020 May 21 19:41:01 2020 krbtgt/DOMENFO.LOCAL@DOMENFO.LOCAL
7)
samba_dnsupdate --verbose --all-names
Code:
update(nsupdate): A ForestDnsZones.domenfo.local 192.168.10.10
Calling nsupdate for A ForestDnsZones.domenfo.local 192.168.10.10 (add)
Successfully obtained Kerberos ticket to DNS/dc1.domenfo.local as DC1$
/usr/bin/nsupdate: cannot specify -g or -o, program not linked with GSS API Library
Failed nsupdate: 1
Failed update of 34 entries
I changed the file smb4.conf
I added the lines
nsupdate command = /usr/local/sbin/samba_dnsupdate -g
samba_dnsupdate --verbose --all-names
Code:
update(nsupdate): A ForestDnsZones.domenfo.local 192.168.10.10
Calling nsupdate for A ForestDnsZones.domenfo.local 192.168.10.10 (add)
Successfully obtained Kerberos ticket to DNS/dc1.domenfo.local as DC1$
Usage: samba_dnsupdate [options]
samba_dnsupdate: error: no such option: -g
Failed nsupdate: 2
Failed update of 34 entries
Total:
Tell me what is the problem?
P.S.
My application configuration files:
/usr/local/etc/krb5.conf
/usr/local/etc/smb4.conf
/usr/local/etc/namedb/named.conf
/etc/resolv.conf
/var/db/samba4/bind-dns/named.conf