We are running samba4 (alpha12) on a centos 5.4 machine and are experimenting with Hyper-V 2008 R2 Failover Clustering, which requires Active Directory. We are trying to see if samba-4 will work as the AD server. We are building a 2 node failover cluster. Both nodes seem to have joined the domain successfully (with samba-4 as the DC). But subsequent steps of creating the "Failover Cluster" are failing and periodically we see following errors in the samba log: (Note that node0-lime record seems to have correct dnsHostName set in the database.) ----- errors from samba log -------------- Failed to modify SPNs on CN=NODE1-LIME,CN=Computers,DC=sambalime,DC=stratus,DC=com: error in module acl: insufficient access rights (50) added interface ip=10.90.0.71 nmask=255.255.255.0 ldb_wrap open of sam.ldb Failed to modify SPNs on CN=NODE1-LIME,CN=Computers,DC=sambalime,DC=stratus,DC=com: error in module acl: insufficient access rights (50) ipv4:10.90.0.88:49232 closed connection to service IPC$ Kerberos: AS-REQ host/node0-lime.sambalime.stratus.com@SAMBALIME.STRATUS.COM from ipv4:10.90.0.87:50798 for krbtgt/SAMBALIME.STRATUS.COM@SAMBALIME.STRATUS.COM Kerberos: UNKNOWN -- host/node0-lime.sambalime.stratus.com@SAMBALIME.STRATUS.COM: no such entry found in hdb Terminating connection - 'kdc_tcp_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED' single_terminate: reason[kdc_tcp_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED] Terminating connection - 'NT_STATUS_CONNECTION_DISCONNECTED' single_terminate: reason[NT_STATUS_CONNECTION_DISCONNECTED] Terminating connection - 'NT_STATUS_CONNECTION_DISCONNECTED' single_terminate: reason[NT_STATUS_CONNECTION_DISCONNECTED]
Andrew, do you have an idea?
Please try again with current GIT. We have improved the SPN update code (more still to do however).
This should have been fixed with Nadya's work. If not, please reopen!