G
gnoovy
Eroberer
hi leutz,
habe lieber ein neues Thread erstellt, da dies nicht mehr so ganz in meinen Samba-ACL-Thread passt. Wenn ich mit Fedora Core10 mittels net join -U Administrator der Domäne beitreten will erscheint immer "net_update_dns_internal: Failed to connect to our DC!"
"DNS update failed!".
Ein Computeraccount wird jedoch perfekt erstellt. Nur an den DNS-Server kann er sich nicht registrieren. Wieso?
Anbei meine Configs
/etc/krb5.conf
/etc/samba/smb.conf
/etc/nsswitch.conf
/etc/resolv.conf
mittels ping w2k8-server oder w2k8-server.winnet.local kann ich den Server perfekt auflösen
habe lieber ein neues Thread erstellt, da dies nicht mehr so ganz in meinen Samba-ACL-Thread passt. Wenn ich mit Fedora Core10 mittels net join -U Administrator der Domäne beitreten will erscheint immer "net_update_dns_internal: Failed to connect to our DC!"
"DNS update failed!".
Ein Computeraccount wird jedoch perfekt erstellt. Nur an den DNS-Server kann er sich nicht registrieren. Wieso?
Anbei meine Configs
/etc/krb5.conf
Code:
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = WINNET.LOCAL
dns_lookup_realm = true
dns_lookup_kdc = false
ticket_lifetime = 24h
forwardable = yes
[realms]
WINNET.LOCAL = {
kdc = W2K8-SERVER.WINNET.LOCAL
admin_server = W2K8-SERVER.WINNET.LOCAL
default_domain = WINNET.LOCAL
}
[domain_realm]
.winnet.local = WINNET.LOCAL
winnet.local = WINNET.LOCAL
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
/etc/samba/smb.conf
Code:
# Samba config file created using SWAT
# from UNKNOWN (>)
# Date: 2009/05/06 00:17:05
[global]
workgroup = WINNET
realm = WINNET.LOCAL
server string =
security = ADS
password server = W2K8-SERVER.WINNET.LOCAL
passdb backend = tdbsam
username map = /etc/samba/smbusers
log file = /var/log/samba/log.%m
max log size = 50
server signing = auto
logon path =
logon home =
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind use default domain = Yes
[disk]
path = /daten
read only = No
acl group control = Yes
force unknown acl user = Yes
inherit permissions = Yes
inherit acls = Yes
map acl inherit = Yes
[disk]
path = /daten
read only = No
acl group control = Yes
force unknown acl user = Yes
inherit permissions = Yes
inherit acls = Yes
map acl inherit = Yes
/etc/nsswitch.conf
Code:
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
# nisplus or nis+ Use NIS+ (NIS version 3)
# nis or yp Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# db Use the local database (.db) files
# compat Use NIS on compat mode
# hesiod Use Hesiod for user lookups
# [NOTFOUND=return] Stop searching if not found so far
#
# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd: db files nisplus nis
#shadow: db files nisplus nis
#group: db files nisplus nis
passwd: files winbind
shadow: files winbind
group: files winbind
#hosts: db files nisplus nis dns
hosts: files dns winbind
# Example - obey only what nisplus tells us...
#services: nisplus [NOTFOUND=return] files
#networks: nisplus [NOTFOUND=return] files
#protocols: nisplus [NOTFOUND=return] files
#rpc: nisplus [NOTFOUND=return] files
#ethers: nisplus [NOTFOUND=return] files
#netmasks: nisplus [NOTFOUND=return] files
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files winbind
rpc: files
services: files winbind
netgroup: nisplus files winbind
publickey: nisplus
automount: files nisplus winbind
aliases: files nisplus
/etc/resolv.conf
Code:
# Generated by NetworkManager
# No nameservers found; try putting DNS servers into your
# ifcfg files in /etc/sysconfig/network-scripts like so:
#
# DNS1=xxx.xxx.xxx.xxx
# DNS2=xxx.xxx.xxx.xxx
# DOMAIN=lab.foo.com bar.foo.com
nameserver 192.168.178.250
search winnet.local
mittels ping w2k8-server oder w2k8-server.winnet.local kann ich den Server perfekt auflösen