Rob Thomas
2003-Aug-19 10:07 UTC
[Samba] ADS, W2K3, and various other broken things. (rc1)
After seeing the /. post the other day I went 'w00p' (as you do) and grabbed RC1. *sigh*. I'm not having fun. I've got a nice little test network here: 2003 ADS Server (gladstonewireless.net) Samba 3rc1 as a member. I can not mount from 2003 - I get a crash. GDB: #5 0x401613b8 in __libc_sigaction () from /lib/i686/libc.so.6 #6 0x0809fc9f in reply_spnego_kerberos (conn=0x0, inbuf=0x4042a008 "", outbuf=0x4044b008 "", length=1476, bufsize=131072, secblob=0xbfffe98c) at smbd/sesssetup.c:167 #7 0x080a04ef in reply_spnego_negotiate (conn=0x0, inbuf=0x4042a008 "", outbuf=0x4044b008 "", length=1476, bufsize=131072, blob1 {data = 0x8378a90 "`\202\005\e\006\006+\006\001\005\005\002 \202\005\0170\202\005\v $0\"\006\t*\206H\202?\022\001\002\002\006\t*\206H\206?\022\001\002\002\006\n+\006\001\004\001\2027\002\002\n?\202\004?\004\202\004?`\202\004?\006\t*\206H\206?\022\001\002\002\001", length = 1311, free = 0x818b7a0 <free_data_blob>}) at smbd/sesssetup.c:390 #8 0x080a0844 in reply_sesssetup_and_X_spnego (conn=0x0, inbuf=0x4042a008 "", outbuf=0x4044b008 "", length=1476, bufsize=131072) at smbd/sesssetup.c:505 #9 0x080a143c in reply_sesssetup_and_X (conn=0x0, inbuf=0x0, outbuf=0x4044b008 "", length=1476, bufsize=131072) at smbd/sesssetup.c:591 #10 0x080bb82d in switch_message (type=115, inbuf=0x4042a008 "", Relevant loggins: Doing spnego session setup [2003/08/19 19:17:22, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(498) NativeOS=[Windows Server 2003 3790] NativeLanMan=[] [2003/08/19 19:17:22, 3] smbd/sesssetup.c:reply_spnego_negotiate(383) Got OID 1 2 840 48018 1 2 2 [2003/08/19 19:17:22, 3] smbd/sesssetup.c:reply_spnego_negotiate(383) Got OID 1 2 840 113554 1 2 2 [2003/08/19 19:17:22, 3] smbd/sesssetup.c:reply_spnego_negotiate(383) Got OID 1 3 6 1 4 1 311 2 2 10 [2003/08/19 19:17:22, 3] smbd/sesssetup.c:reply_spnego_negotiate(386) Got secblob of size 1245 [2003/08/19 19:17:22, 10] passdb/secrets.c:secrets_named_mutex(697) secrets_named_mutex: got mutex for replay cache mutex [2003/08/19 19:17:22, 10] libads/kerberos_verify.c:ads_verify_ticket(175) ads_verify_ticket: enc type [16] failed to decrypt with error Bad encryption type [2003/08/19 19:17:22, 10] libads/kerberos_verify.c:ads_verify_ticket(175) ads_verify_ticket: enc type [1] failed to decrypt with error Bad encryption type [2003/08/19 19:17:22, 10] passdb/secrets.c:secrets_named_mutex_release(709) secrets_named_mutex: released mutex for replay cache mutex [2003/08/19 19:17:22, 3] libads/kerberos_verify.c:ads_verify_ticket(182) ads_verify_ticket: krb5_rd_req with auth failed (Bad encryption type) I have 'client use spnego = no' in my smb.conf, but it seems to want to use it? I noticed that in the smb.conf manpage it says I shouldn't use it, but it seems to want to. klist produces a ticket. I've joned the domain, and I have a computer account in ADS. smb.conf: workgroup = QLD-80211B-GLD1 netbios name = filesrv idmap uid = 10000-20000 idmap gid = 10000-20000 encrypt passwords = yes client use spnego = no server string = Samba Server security = ads realm = gw-server.gladstonewireless.net Help? --Rob
Gerald (Jerry) Carter
2003-Aug-19 13:28 UTC
[Samba] ADS, W2K3, and various other broken things. (rc1)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 19 Aug 2003, Rob Thomas wrote:> After seeing the /. post the other day I went 'w00p' (as you do) and > grabbed RC1. *sigh*. I'm not having fun. I've got a nice little test > network here: > > 2003 ADS Server (gladstonewireless.net) > Samba 3rc1 as a member. > > I can not mount from 2003 - I get a crash.Mind filing a bug at https://bugzilla.samba.org/ I'll work on this today. cheers, jerry ---------------------------------------------------------------------- Hewlett-Packard ------------------------- http://www.hp.com SAMBA Team ---------------------- http://www.samba.org GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc "You can never go home again, Oatman, but I guess you can shop there." --John Cusack - "Grosse Point Blank" (1997) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE/QiYFIR7qMdg1EfYRAqJxAJ9a+7FuNRVA39GaPebDXRpU7wHp0gCgg6B9 gRj6Wmek9t7YIRoLNAhGMl4=iR3i -----END PGP SIGNATURE-----
Maybe Matching Threads
- Samba 3.0.2a with ADS w2k3 Active Directory, enctypes
- RES: Samba 3.0.2a with ADS w2k3 Active Directory, enctype s
- Unable to connect samba server using hostname [2]
- Client accessing Samba doesn't authenticate against A ctive Directory
- more problems with rc1 + ADS: smbd sigsegv