Stefan G. Weichinger
2019-Sep-05 15:19 UTC
[Samba] migrated from gentoo to debian, DM throws errors ...
what do I miss here: wbinfo -u / -g -/ -pPt works [2019/09/05 17:15:25.963590, 1] ../source3/librpc/crypto/gse.c:658(gse_get_server_auth_token) gss_accept_sec_context failed with [ Miscellaneous failure (see text): Failed to find cifs/SAMBA.noras.intra at NORAS.INTRA(kvno 54) in keytab MEMORY:cifs_srv_keytab (aes256-cts-hmac-sha1-96)] [2019/09/05 17:15:25.963681, 1] ../auth/gensec/spnego.c:1218(gensec_spnego_server_negTokenInit_step) gensec_spnego_server_negTokenInit_step: gse_krb5: parsing NEG_TOKEN_INIT content failed (next[(null)]): NT_STATUS_LOGON_FAILURE [2019/09/05 17:15:25.973563, 1] ../source3/librpc/crypto/gse.c:658(gse_get_server_auth_token) gss_accept_sec_context failed with [ Miscellaneous failure (see text): Failed to find cifs/SAMBA.noras.intra at NORAS.INTRA(kvno 54) in keytab MEMORY:cifs_srv_keytab (aes256-cts-hmac-sha1-96)] We left and rejoined ... FOund the hint to create keytab ? https://wiki.samba.org/index.php/Generating_Keytabs but the DM doesn't have a sam.ldb (seems to be correct ?) - smb.conf : [global] unix charset = iso8859-15 security = ads realm = NORAS.INTRA workgroup = NORAS netbios aliases = u1noras server string = U1NORAS winbind cache time = 10 winbind use default domain = yes winbind refresh tickets = Yes dedicated keytab file = /etc/krb5.keytab kerberos method = secrets and keytab template homedir = /mnt/MSA2040/smb/Homes/%D/%U restrict anonymous = 2 domain master = no local master = no preferred master = no invalid users = root bin daemon adm sync shutdown halt mail news \ uucp obey pam restrictions = yes interfaces = 192.168.100.4/24 127.0.0.1 bind interfaces only = Yes idmap config * : range = 3000-7999 idmap config * : backend = tdb idmap config NORAS : range = 10000-20000 idmap config NORAS : backend = rid # For ACL support on domain member vfs objects = acl_xattr full_audit map acl inherit = Yes store dos attributes = Yes inherit acls = yes unix extensions = no follow symlinks= yes wide links= yes load printers = no printcap name = /dev/null acl allow execute always = True # Audit settings full_audit:prefix = %u|%I|%S full_audit:failure = connect full_audit:success = mkdir rmdir write pwrite rename unlink \ chmod fchmod chown fchown ftruncate full_audit:facility = local5 full_audit:priority = notice thanks for any help, I am 5hrs away from home and a bit struggling ;-)
Stefan G. Weichinger
2019-Sep-05 15:37 UTC
[Samba] migrated from gentoo to debian, DM throws errors ...
Am 05.09.19 um 17:19 schrieb Stefan G. Weichinger via samba:> > what do I miss here:update: maybe the reboot of the clients helped ... looks better now
Stefan G. Weichinger
2019-Sep-05 15:50 UTC
[Samba] migrated from gentoo to debian, DM throws errors ...
Am 05.09.19 um 17:37 schrieb Stefan G. Weichinger via samba:> Am 05.09.19 um 17:19 schrieb Stefan G. Weichinger via samba: >> >> what do I miss here: > > update: maybe the reboot of the clients helped ... looks better now > > >Access works, but I still get [2019/09/05 17:49:41.888422, 1] ../source3/librpc/crypto/gse.c:658(gse_get_server_auth_token) gss_accept_sec_context failed with [ Miscellaneous failure (see text): Failed to find cifs/SAMBA.noras.intra at NORAS.INTRA(kvno 54) in keytab MEMORY:cifs_srv_keytab (aes256-cts-hmac-sha1-96)] [2019/09/05 17:49:41.888521, 1] ../auth/gensec/spnego.c:1218(gensec_spnego_server_negTokenInit_step) gensec_spnego_server_negTokenInit_step: gse_krb5: parsing NEG_TOKEN_INIT content failed (next[(null)]): NT_STATUS_LOGON_FAILURE [2019/09/05 17:49:41.899494, 1] ../source3/librpc/crypto/gse.c:658(gse_get_server_auth_token) gss_accept_sec_context failed with [ Miscellaneous failure (see text): Failed to find cifs/SAMBA.noras.intra at NORAS.INTRA(kvno 54) in keytab MEMORY:cifs_srv_keytab (aes256-cts-hmac-sha1-96)] thanks for any pointers
Apparently Analagous Threads
- migrated from gentoo to debian, DM throws errors ...
- migrated from gentoo to debian, DM throws errors ...
- Failed to find cifs/fs-share@dom.corp (kvno 109) in keytab
- Failed to find cifs/fs-share@dom.corp (kvno 109) in keytab
- Samba 4.10 member: SMB login no longer working