samba - Mar 2021 - GSS server Update(krb5)(1) Update failed: Miscellaneous failure

Uhum ... I change name but i re-used IP. In ase it tis problem re-used ip?
Or will this message disappear in time? or how to solve?

Thanks


In ase it tis problema re-used ip or with tie de "msg erro" dont

Em ter., 30 de mar. de 2021 ?s 20:46, Andrew Bartlett <abartlet at
samba.org>
escreveu:
> On Tue, 2021-03-30 at 20:23 -0300, Carlos via samba wrote:
> > Hi! I Join im new dc, thats is ok but in log o see
> >
> >
> > GSS server Update(krb5)(1) Update failed:  Miscellaneous failure
> > (see
> > text): Failed to find DCXXX$@XXXX(kvno 1) in keytab
> > FILE:/opt/samba/private/secr
> > ets.keytab (arcfour-hmac-md5)
> >
> >
> > It is a problem ?
>
> This just means that your DC has been contacted by a client who has a
> ticket encrypted by the KDC with a different machine account password.
>
> This often happens after a domain re-join as the passwords are re-
> randomised, or if a name or IP is otherwise re-used.
>
> Andrew Bartlett
>
> --
> Andrew Bartlett (he/him)       https://samba.org/~abartlet/
> Samba Team Member (since 2001) https://samba.org
> Samba Team Lead, Catalyst IT   https://catalyst.net.nz/services/samba
>
> Samba Development and Support, Catalyst IT - Expert Open Source
> Solutions
>
>
>
>
>
>

So some client is connecting with to the old server by the old name,
likely the previous DC?  If so, demote it.

If it is already deleted in LDAP and DNS then this will go away when
the client credentials cache expires.

Andrew Bartlett

On Tue, 2021-03-30 at 22:22 -0300, Carlos Alberto Panozzo Cunha
wrote:
> Uhum ... I change name but i re-used IP. In ase it tis problem re-
> used ip?
> Or will this message disappear in time? or how to solve?
> 
> Thanks
> 
> 
> In ase it tis problema re-used ip or with tie de "msg erro" dont 
> 
> Em ter., 30 de mar. de 2021 ?s 20:46, Andrew Bartlett <
> abartlet at samba.org> escreveu:
> > On Tue, 2021-03-30 at 20:23 -0300, Carlos via samba wrote:
> > > Hi! I Join im new dc, thats is ok but in log o see
> > > 
> > > 
> > > GSS server Update(krb5)(1) Update failed:  Miscellaneous failure
> > > (see 
> > > text): Failed to find DCXXX$@XXXX(kvno 1) in keytab 
> > > FILE:/opt/samba/private/secr
> > > ets.keytab (arcfour-hmac-md5)
> > > 
> > > 
> > > It is a problem ?
> > 
> > This just means that your DC has been contacted by a client who has
> > a
> > ticket encrypted by the KDC with a different machine account
> > password.
> > 
> > This often happens after a domain re-join as the passwords are re-
> > randomised, or if a name or IP is otherwise re-used.
> > 
> > Andrew Bartlett
> > 
-- 
Andrew Bartlett (he/him)       https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT   https://catalyst.net.nz/services/samba

Samba Development and Support, Catalyst IT - Expert Open Source
Solutions