Carlos
2022-Aug-08 13:50 UTC
[Samba] Decrypt integrity check failed for checksum type hmac-sha1-96-aes256, key type aes256-cts-hmac-sha1-96
Hi I updated my DC(i have 5 DCs), and i'm updated one by one... I demote DC, in new server(chnaged hostname), i change for IP equal one dc demote DC Demote = 172.16.1.85-> shutdown DC New = 172.16.1.85 -> Join That all right, i don't problems, but in logs DC new i ss much message : [2022/08/08 10:38:27.844340,? 1] ../../source4/auth/gensec/gensec_gssapi.c:791(gensec_gssapi_update_internal) ? GSS server Update(krb5)(1) Update failed:? Miscellaneous failure (see text): Decrypt integrity check failed for checksum type hmac-sha1-96-aes256, key type aes256-cts-hmac-sha1-96 [2022/08/08 10:38:28.035271,? 1] ../../source4/auth/gensec/gensec_gssapi.c:791(gensec_gssapi_update_internal) ? GSS server Update(krb5)(1) Update failed:? Miscellaneous failure (see text): Decrypt integrity check failed for checksum type hmac-sha1-96-aes256, key type aes256-cts-hmac-sha1-96 [2022/08/08 10:38:28.246462,? 1] ../../source4/auth/gensec/gensec_gssapi.c:791(gensec_gssapi_update_internal) ? GSS server Update(krb5)(1) Update failed:? Miscellaneous failure (see text): Decrypt integrity check failed for checksum type hmac-sha1-96-aes256, key type aes256-cts-hmac-sha1-96 [2022/08/08 10:38:29.566079,? 1] ../../source4/auth/gensec/gensec_gssapi.c:791(gensec_gssapi_update_internal) ? GSS server Update(krb5)(1) Update failed:? Miscellaneous failure (see text): Decrypt integrity check failed for checksum type hmac-sha1-96-aes256, key type aes256-cts-hmac-sha1-96 [2022/08/08 10:38:29.996828,? 1] ../../source4/auth/gensec/gensec_gssapi.c:791(gensec_gssapi_update_internal) ? GSS server Update(krb5)(1) Update failed:? Miscellaneous failure (see text): Decrypt integrity check failed for checksum type hmac-sha1-96-aes256, key type aes256-cts-hmac-sha1-96 [2022/08/08 10:38:32.181868,? 1] ../../source4/auth/gensec/gensec_gssapi.c:791(gensec_gssapi_update_internal) ? GSS server Update(krb5)(1) Update failed:? Miscellaneous failure (see text): Decrypt integrity check failed for checksum type hmac-sha1-96-aes256, key type aes256-cts-hmac-sha1-96 [2022/08/08 10:38:32.210028,? 3] ../../auth/auth_log.c:647(log_authentication_event_human_readable) Only in? DC new, in other DCs No. IT's a problem ? My smb.conf # Global parameters [global] ??????? netbios name = SAMBA2 ??????? realm = XXXXXXX ??????? server role = active directory domain controller ??????? server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate ??????? workgroup = XXXXX ??????? #log level = 1 auth_audit:3 auth_json_audit:3 ??????? log level = 1 auth_audit:3 ??????? max log size = 5000 ??????? tls enabled? = yes ??????? tls keyfile? = tls/xxx.key ??????? tls certfile = tls/xxxxx.crt ??????? tls cafile?? = tls/xxxxxx-CA.crt [sysvol] ??????? path = /var/lib/samba/sysvol ??????? read only = No [netlogon] ??????? path = /var/lib/samba/sysvol/xxxxx/scripts ??????? read only = No === Others Information: # installed by -> https://apt.van-belle.nl/ samba -V Version 4.15.7-Ubuntu lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description:??? Ubuntu 20.04.4 LTS Release:??????? 20.04 Codename:?????? focal == Regards;