Howdy list!

I'm having a bit of trouble setting up an ODM with ODR and another server for filesharing via kerberized afp. Forgive the length of this email as it's going to be rather long as I try to cover everything I have tried.

At present we are running 10.3 servers without kerberized services. The current servers are going to be our 10.4 ones so we are building the servers at night on a second hard drive we plug into the machines after we take all our clients down.

So with the background out of the way let's get started. Off the bat I have to say that I am suspecting DNS to be the issue, but I could be wrong.

The hardware in question is:

ODM/ODR
  G4 PowerMacs AGP graphics
  2GB RAM
  Sonnet Presto gigabit nic

Fileserver
  Dual G4 Xserve XSR

So I'll basically give a brief step by step of what I did.

1> Install a fresh copy of 10.4 Server on the ODM box as a standalone server

2> Configure with static IP, DNS servers point to itself and the IP of the box to become ODR, router to our Sonicwall's lan.

3> Bring ODM up and install patches from a dvd.

4> Change the machine's host name from dynamically assigned to its FQDN with the command sudo /System/Library/ServerSetup/serversetup -setHostname <new hostname> (why can't you assign one during the server setup anyways?)

5> Configure DNS as follows
   Zone: loc.example.com. <-- Yes with the trailing period
   Server name: odm
   Zone Transfers: On
   Allow Recursion: On

6> Add a record in DNS for the ODM and fileserver

7> Install a fresh copy of 10.4 Server on the ODR box as a standalone server

8> Configure with static IP, DNS servers point to itself and the IP of the ODM, router to our Sonicwall's lan.

9> Bring ODR up and install patches from a dvd.

10> Change the machine's host name from dynamically assigned to its FQDN with the command sudo /System/Library/ServerSetup/serversetup -setHostname <new hostname>

11> Configure the Secondary zone
    Zone name: loc.example.com. <-- again with trailing period
    Primary IP: The ODM's IP.

12> At this point the logs indicate that the records transferred without a problem, but things get weird here. If I do either a host <IP> or host <fqdn> things look up and resolve correctly.

13> If I turn the DNS service off on the secondary server (ODR) and do a host <IP> or host <fqdn> from either machine things still look correct, but...

14> If I turn DNS back on the ODR and OFF of the ODM things get weird. From either machine a host <fqdn> returns normally, but a reverse lookup host <IP> from either machine returns a host not found blah blah 3(NXDOMAIN) error.

15> From this point I can actually promote the ODM from standalone to Open Directory Master and it appears to take. Kerberos says it's running and the only thing strange seeming in the logs is something about a dict file.

16> The ODR machine can be promoted to Replica pointing to the ODM and this appears to work as well.

17> Install a fresh copy of 10.4 Server on the fileserver box as a standalone server

18> Configure with static IP, DNS servers point to ODM and ODR, router to our Sonicwall's lan.

19> Bring fileserver up and install patches from a dvd.

20> Change the machine's host name from dynamically assigned to its FQDN with the command sudo /System/Library/ServerSetup/serversetup -setHostname <new hostname>

21> Using Server Admin change role to Connected to Directory System which launches Directory Access.. the binding seems to work without issue.

22> In Server Admin try to kerberize the server, here it asks for a bunch of info and regardless of what I try (wasn't sure if it's referring to dir admin or not) it errors out with something about a keytab file.

*catch breath*

So that's about it.. What's so frustrating is this all worked on a small (4 machine) test environment without a hitch and the only differences I can think of there being are as follows.

*the machines were slightly older and NOT using Sonnet Presto gigabit cards
*the machines did have net access they were on a small secluded hub, while the build above was done on our switches connected to our Sonicwall.

and that's about all I can think of that was different.

So I beg and plead with you list does anyone have a clue what the heck is going on here or where to begin looking for the problem?

Thanks in advance,

James Nierodzik
Frustrated Admin
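
Steps 12 to 14 compare forward and reverse lookups by switching the DNS service on and off; the same comparison can be made by passing each name server to host as its second argument. The script below is an added example, not part of the original post; the IP address and the sample host outputs in it are constructed.

```shell
#!/bin/sh
# Added example: check that forward and reverse DNS agree, one name server at a time.

# Address from `host <fqdn>` output ("NAME has address IP").
parse_forward() {
    printf '%s\n' "$1" | awk '/ has address /{print $NF; exit}'
}

# Name from `host <ip>` output ("... domain name pointer NAME."),
# with the trailing dot dropped so it compares equal to the FQDN.
parse_reverse() {
    printf '%s\n' "$1" | awk '/ domain name pointer /{sub(/\.$/, "", $NF); print $NF; exit}'
}

# Classify one server's answers. Args: fqdn ip forward-output reverse-output.
classify() {
    fwd=$(parse_forward "$3")
    rev=$(parse_reverse "$4")
    if [ "$fwd" != "$2" ]; then echo "FORWARD_FAIL"
    elif [ -z "$rev" ]; then echo "REVERSE_MISSING"
    elif [ "$rev" != "$1" ]; then echo "REVERSE_MISMATCH"
    else echo "OK"
    fi
}

# Query one server directly. Args: server fqdn ip.
check_server() {
    f=$(host "$2" "$1" 2>&1)
    r=$(host "$3" "$1" 2>&1)
    echo "$1: $(classify "$2" "$3" "$f" "$r")"
}

# Constructed sample answers (not captured from a real server).
SAMPLE_FWD='odm.loc.example.com has address 192.168.1.10'
SAMPLE_NX='Host 10.1.168.192.in-addr.arpa. not found: 3(NXDOMAIN)'

# Usage: sh dnscheck.sh <fqdn> <ip> <server> [<server> ...]
if [ "$#" -ge 3 ]; then
    fqdn=$1; ip=$2; shift 2
    for s in "$@"; do check_server "$s" "$fqdn" "$ip"; done
else
    echo "sample: $(classify odm.loc.example.com 192.168.1.10 "$SAMPLE_FWD" "$SAMPLE_NX")"
fi
```

Run with the FQDN, its IP and the addresses of both DNS servers, it prints one result line per server, so a server that answers the forward lookup but not the reverse one shows up as REVERSE_MISSING without turning either service off.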