On Mon, 2014-06-23 at 12:28 +0000, Longina Przybyszewska wrote:
Hi again, I can see in log, that the client traverses all subdomains and tries to send dyndns updates to diverse DC's, without success. I have no krb5.conf - as I used realmd for joining AD - can it be the reason for troubles?
[nss] debug_level = 9 filter_groups = root filter_users = root,lightdm,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman,nscd
[sssd] debug_level = 6 domains =nat.domain.org config_file_version = 2 services = nss, pam
[domain/nat.domain.org] debug_level = 7 id_provider = ad auth_provider = ad access_provider = ad default_shell = /bin/bash ldap_id_mapping = False
ad_server = any DC may help. Add this to /etc/hosts if the SRV lookups are failing.
/etc/hosts root@skywalker:/home-local/longinap# cat /etc/hosts 127.0.0.1 localhost 127.0.1.1 skywalker.nat.domain.org skywalker xxx.xxx. eta.nat.domain.org eta
If you used realmd you probably don't have the krb5 stuff installed. You could try:
[libdefaults] default_realm = NAT.DOMAIN.ORG dns_lookup_realm = false dns_lookup_kdc = true
BUT, all you really need is the IP of a dns server in the domain. The one the windows clients use will do fine. Can you get at Control Panel on a windows client and find out what it is?
Steve