Rob Thomas
2003-Aug-19 10:07 UTC
[Samba] ADS, W2K3, and various other broken things. (rc1)
After seeing the /. post the other day I went 'w00p' (as you do) and
grabbed RC1. *sigh*. I'm not having fun. I've got a nice little test
network here:
2003 ADS Server (gladstonewireless.net)
Samba 3rc1 as a member.
I can not mount from 2003 - I get a crash.
GDB:
#5 0x401613b8 in __libc_sigaction () from /lib/i686/libc.so.6
#6 0x0809fc9f in reply_spnego_kerberos (conn=0x0, inbuf=0x4042a008
"",
outbuf=0x4044b008 "", length=1476, bufsize=131072,
secblob=0xbfffe98c)
at smbd/sesssetup.c:167
#7 0x080a04ef in reply_spnego_negotiate (conn=0x0, inbuf=0x4042a008
"",
outbuf=0x4044b008 "", length=1476, bufsize=131072, blob1
{data = 0x8378a90
"`\202\005\e\006\006+\006\001\005\005\002 \202\005\0170\202\005\v
$0\"\006\t*\206H\202?\022\001\002\002\006\t*\206H\206?\022\001\002\002\006\n+\006\001\004\001\2027\002\002\n?\202\004?\004\202\004?`\202\004?\006\t*\206H\206?\022\001\002\002\001",
length = 1311, free = 0x818b7a0 <free_data_blob>}) at smbd/sesssetup.c:390
#8 0x080a0844 in reply_sesssetup_and_X_spnego (conn=0x0,
inbuf=0x4042a008 "",
outbuf=0x4044b008 "", length=1476, bufsize=131072) at
smbd/sesssetup.c:505
#9 0x080a143c in reply_sesssetup_and_X (conn=0x0, inbuf=0x0,
outbuf=0x4044b008 "", length=1476, bufsize=131072) at
smbd/sesssetup.c:591
#10 0x080bb82d in switch_message (type=115, inbuf=0x4042a008 "",
Relevant loggins:
Doing spnego session setup
[2003/08/19 19:17:22, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(498)
NativeOS=[Windows Server 2003 3790] NativeLanMan=[]
[2003/08/19 19:17:22, 3] smbd/sesssetup.c:reply_spnego_negotiate(383)
Got OID 1 2 840 48018 1 2 2
[2003/08/19 19:17:22, 3] smbd/sesssetup.c:reply_spnego_negotiate(383)
Got OID 1 2 840 113554 1 2 2
[2003/08/19 19:17:22, 3] smbd/sesssetup.c:reply_spnego_negotiate(383)
Got OID 1 3 6 1 4 1 311 2 2 10
[2003/08/19 19:17:22, 3] smbd/sesssetup.c:reply_spnego_negotiate(386)
Got secblob of size 1245
[2003/08/19 19:17:22, 10] passdb/secrets.c:secrets_named_mutex(697)
secrets_named_mutex: got mutex for replay cache mutex
[2003/08/19 19:17:22, 10] libads/kerberos_verify.c:ads_verify_ticket(175)
ads_verify_ticket: enc type [16] failed to decrypt with error Bad
encryption type
[2003/08/19 19:17:22, 10] libads/kerberos_verify.c:ads_verify_ticket(175)
ads_verify_ticket: enc type [1] failed to decrypt with error Bad
encryption type
[2003/08/19 19:17:22, 10] passdb/secrets.c:secrets_named_mutex_release(709)
secrets_named_mutex: released mutex for replay cache mutex
[2003/08/19 19:17:22, 3] libads/kerberos_verify.c:ads_verify_ticket(182)
ads_verify_ticket: krb5_rd_req with auth failed (Bad encryption type)
I have 'client use spnego = no' in my smb.conf, but it seems to want to
use it? I noticed that in the smb.conf manpage it says I shouldn't use
it, but it seems to want to.
klist produces a ticket. I've joned the domain, and I have a computer
account in ADS.
smb.conf:
workgroup = QLD-80211B-GLD1
netbios name = filesrv
idmap uid = 10000-20000
idmap gid = 10000-20000
encrypt passwords = yes
client use spnego = no
server string = Samba Server
security = ads
realm = gw-server.gladstonewireless.net
Help?
--Rob
Gerald (Jerry) Carter
2003-Aug-19 13:28 UTC
[Samba] ADS, W2K3, and various other broken things. (rc1)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 19 Aug 2003, Rob Thomas wrote:> After seeing the /. post the other day I went 'w00p' (as you do) and > grabbed RC1. *sigh*. I'm not having fun. I've got a nice little test > network here: > > 2003 ADS Server (gladstonewireless.net) > Samba 3rc1 as a member. > > I can not mount from 2003 - I get a crash.Mind filing a bug at https://bugzilla.samba.org/ I'll work on this today. cheers, jerry ---------------------------------------------------------------------- Hewlett-Packard ------------------------- http://www.hp.com SAMBA Team ---------------------- http://www.samba.org GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc "You can never go home again, Oatman, but I guess you can shop there." --John Cusack - "Grosse Point Blank" (1997) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE/QiYFIR7qMdg1EfYRAqJxAJ9a+7FuNRVA39GaPebDXRpU7wHp0gCgg6B9 gRj6Wmek9t7YIRoLNAhGMl4=iR3i -----END PGP SIGNATURE-----
Reasonably Related Threads
- Samba 3.0.2a with ADS w2k3 Active Directory, enctypes
- RES: Samba 3.0.2a with ADS w2k3 Active Directory, enctype s
- Unable to connect samba server using hostname [2]
- Client accessing Samba doesn't authenticate against A ctive Directory
- more problems with rc1 + ADS: smbd sigsegv