Displaying 20 results from an estimated 146 matches for "ccache_type".
2004 Oct 21
1
Ads_connect: Server not found in Kerberos database
...6 on Solaris 8 and I am receiving this
errror:
Utils/net_ads.c:ads_startup(183)
Ads_connect: Server not found in Kerberos database
Here is a copy of the krb5.conf file:
[libdefaults]
ticket_lifetime = 600
default_realm = BROOKS.COM
kdc_req_checksum_type = 2
checksum_type = 2
ccache_type = 1
default_tkt_enctypes = des-cbc-crc
default_tgs_enctypes = des-cbc-crc
[kdc]
profile = /usr/local/var/krb5kdc/kdc.conf
[logging]
kdc = FILE:/usr/local/var/krb5kdc/kdc.log
<FILE:/usr/local/var/krb5kdc/kdc.log>
admin_server = FILE:/usr/local/var/krb5kdc/adm.log
<FIL...
2004 Dec 07
1
Kerberos Error
...4000
default_realm = HQ.ARKONNETWORKS.COM
default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc
default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc
permitted_enctypes = des3-hmac-sha1 des-cbc-crc
dns_lookup_realm = false
dns_lookup_kdc = false
kdc_req_checksum_type = 2
checksum_type = 2
ccache_type = 1
forwardable = true
proxiable = true
[realms]
HQ.ARKONNETWORKS.COM = {
kdc = dc2.hq.arkonnetworks.com:88
admin_server = dc2.hq.arkonnetworks.com:749
default_domain = hq.arkonnetworks.com
}
[domain_realm]
.hq.arkonnetworks.com = HQ.ARKONNETWORKS.COM
[kdc]
profile = /etc/k...
2019 Oct 16
3
Can't setup kerberos auth for samba4 server?
...ccessfully setting up samba4, I want this machine to authenticate
against the running samba4-server. I've created /etc/krb5.conf:
[libdefaults]
default_realm = ADA.DE <http://ada.de/>
dns_lookup_realm = false
dns_lookup_kdc = true
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
fcc-mit-ticketflags = true
[realms]
ADA.DE <http://ada.de/> = {
kdc = ad01.ada.de
kdc = ad02.ada.de
admin_server = ad01.ada.de
chpasswd_server = ad01.ada.d...
2016 Jun 28
2
Looking for GSSAPI config [was: Looking for NTLM config example]
Aki - made your suggested changes, but no joy :(
My /etc/krb5.conf:
------SNIP--------
[libdefaults]
default_realm = HPRS.LOCAL
dns_lookup_realm = false
dns_lookup_kdc = true
[libdefaults]
default_realm = HPRS.LOCAL
dns_lookup_kdc = true
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
fcc-mit-ticketflags = true
[realms]
HPRS.LOCAL = {
default_domain = hprs.local
auth_to_local_names = {
Administrator = root
}
}
[domain_realm]
hprs.local = HPRS.LOCAL
# this is not a mistake
.hprs.local = HPRS.LOCAL
------PINS-...
2024 Mar 24
2
'Scripted' machine account renewal?!
...nections can be made to this remote computer at this time because the computer has already accepted the maximum number of connections.
In /etc/krb5.conf i've set:
[libdefaults]
default_realm = AD.AC.CONCORDIA-PORDENONE.IT
dns_lookup_realm = false
dns_lookup_kdc = false
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
[realms]
AD.AC.CONCORDIA-PORDENONE.IT = {
kdc = kdc.ad.ac.concordia-pordenone.it
master_kdc = kdc.ad.ac.concordia-pordenone.it
admin_server = kdc.ad.ac.concordia-pordenone.it
default_domain = ad.ac.concordia-pordenone.it
}
clearly, 'kdc.ad....
2012 Jul 09
2
How do I get an ssh client to authenticate with samba4's kerberos GSSAPI?
...lients.
ssh unfortunately is not kerberos authenticating via GSSAPI. The client
krb5.conf contains this:
=====================================================
[libdefaults]
default_realm = MYDOMAIN.NET
krb4_config = /etc/krb.conf
krb4_realms = /etc/krb.realms
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
dns_fallback = yes
default_tkt_enctypes = arcfour-hmac-md5 des-cbc-crc des-cbc-md5
default_tgs_enctypes = arcfour-hmac-md5 des-cbc-crc des-cbc-md5
v4_instance_resolve = false
v4_name_convert = {
host = {
rcmd =...
2023 May 26
1
PAM Offline Authentication in Ubuntu 22.04...
...config lnffvg : range = 10000-49999
idmap config lnffvg : backend = ad
idmap config * : range = 5000-9999
idmap config * : backend = tdb
printing = bsd
/etc/security/pam_winbind.conf
[global]
cached_login = yes
/etc/krb5.conf
[libdefaults]
default_realm = AD.FVG.LNF.IT
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
fcc-mit-ticketflags = true
/etc/nsswitch.conf
passwd: compat winbind
group: compat winbind
shadow: files
gshadow: files
hosts: files mdns4_minimal [NOTFOUND=return] dns
networks: files
protocols:...
2016 Jun 29
2
Looking for GSSAPI config [was: Looking for NTLM config example]
...t;> [libdefaults]
>>> default_realm = HPRS.LOCAL
>>> dns_lookup_realm = false
>>> dns_lookup_kdc = true
>>>
>>> [libdefaults]
>>> default_realm = HPRS.LOCAL
>>> dns_lookup_kdc = true
>>> kdc_timesync = 1
>>> ccache_type = 4
>>> forwardable = true
>>> proxiable = true
>>> fcc-mit-ticketflags = true
>>>
>>> [realms]
>>> HPRS.LOCAL = {
>>> default_domain = hprs.local
>>> auth_to_local_names = {
>>> Administrator = root
>...
2023 Oct 23
1
DNS samba update ERROR
...th = /var/lib/samba/sysvol
read only = No
[netlogon]
path = /var/lib/samba/sysvol/beo.imp/scripts
read only = No
/etc/krb5.conf
[libdefaults]
dns_lookup_realm = false
dns_lookup_kdc = true
default_realm = BEO.IMP
kdc_timesync = 1
ccache_type = 4
[realms]
[domain_realm]
/etc/resolve.conf
search BEO.IMP
nameserver 200.2.2.15
nameserver 200.2.2.1
nameserver 200.2.2.2
??, 23 ???. 2023 ?., 13:33 Rowland Penny via samba <samba at lists.samba.org>:
> On Mon, 23 Oct 2023 13:11:27 +0300
> Bee Air via samba <...
2004 May 12
2
Failed to verify ticket ?
...md5
permitted_enctypes = des-cbc-crc des-cbc-md5
#default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc
#default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc
#permitted_enctypes = des3-hmac-sha1 des-cbc-crc
dns_lookup_realm = false
dns_lookup_kdc = false
kdc_req_checksum_type = 2
checksum_type = 2
ccache_type = 1
forwardable = true
proxiable = true
[realms]
DRAF.FC = {
kdc = draffc3.draf.fc
default_domain = DRAFFCOMTE
}
[domain_realm]
.draf.fc = DRAF.FC
[kdc]
profile = /etc/kerberos/krb5kdc/kdc.conf
[pam]
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb...
2016 Jun 29
3
Looking for GSSAPI config [was: Looking for NTLM config example]
...----SNIP--------
> > [libdefaults]
> > default_realm = HPRS.LOCAL
> > dns_lookup_realm = false
> > dns_lookup_kdc = true
> >
> > [libdefaults]
> > default_realm = HPRS.LOCAL
> > dns_lookup_kdc = true
> > kdc_timesync = 1
> > ccache_type = 4
> > forwardable = true
> > proxiable = true
> > fcc-mit-ticketflags = true
> >
> > [realms]
> > HPRS.LOCAL = {
> > default_domain = hprs.local
> > auth_to_local_names = {
> > Administrator = root
> > }
> >...
2024 Feb 12
1
Samba, Kerberos, Autofs: Shares get disconnected
...iles = /Thumbs.db/._*/.DS_Store/.Trash-*/.~lock*/
vfs objects = fruit acl_xattr shadow_copy2
[work]
comment = IAP MW Work folder
path = /storage/work
read only = No
and on the server, the krb5.conf:
# cat /etc/krb5.conf
[libdefaults]
default_realm = <redacted>
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
fcc-mit-ticketflags = true
[realms]
<redacted> = {
kdc = <redacted>
admin_server =<redacted>
}
and on one client machine, i.e. workstation:
# testparm -s
Load smb config files from /etc/samba/smb.con...
2005 Jan 12
1
URGENT winbind - New DOMAIN but old DOMAIN not CHANGING - Resent
...t_realm = ADMIN.SJC
default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
permitted_enctypes = des3-hmac-sha1 des-cbc-crc
dns_lookup_realm = false
dns_lookup_kdc = false
kdc_req_checksum_type = 2
checksum_type = 2
ccache_type = 1
forwardable = true
proxiable = true
[realms]
ADMIN.SJC = {
kdc = sun.admin.sjc:88
admin_server = sun.admin.sjc:749
kpasswd_server = sun.admin.sjc
default_domain = admin.sjc
}
[domain_realm]
.admin.sjc = ADMIN.SJC
[kdc]
profile = /etc/kerberos/krb5kdc/kdc.conf
[pam]...
2010 Jan 28
1
Trouble getting past net join ads...
...offline logon = yes
# get quota command = /root/sambaquota.sh
krb5.conf
[libdefaults]
default_realm = FS.UML.EDU
# The following krb5.conf variables are only for MIT Kerberos.
krb4_config = /etc/krb.conf
krb4_realms = /etc/krb.realms
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
# The following encryption type specification will be used by MIT Kerberos
# if uncommented. In general, the defaults in the MIT Kerberos code are
# correct and overriding these specifications only serves to disable new
# encryption types...
2015 Apr 25
2
I can't join the new AD server with Samba4
...he default:
>> [libdefaults]
>> default_realm = TTU.RED
>>
>> # The following krb5.conf variables are only for MIT Kerberos.
>> krb4_config = /etc/krb.conf
>> krb4_realms = /etc/krb.realms
>> kdc_timesync = 1
>> ccache_type = 4
>> forwardable = true
>> proxiable = true
>> ........
>>
>> [realms]
>> TTU.RED = {
>> kdc = pdc
>> admin_server = pdc
>> }
>> ........
>>
>>
>>
> Use...
2015 Nov 30
2
After joining domain, Samba uses the workgroup name, not the FQDN when running the net ads command
...ost
127.0.1.1 freeradius.windows.corp.XXX.com freeradius
192.168.127.131 whiskey.windows.corp.XXX.com whiskey
192.168.112.4 wine..windows.corp.XXX.com wine
/etc/krb5.conf
[libdefaults]
default_realm = WINDOWS.CORP.XXX.COM
krb4_config = /etc/krb.conf
krb4_realms = /etc/krb.realms
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
v4_instance_resolve = false
v4_name_convert = {
host = {
rcmd = host
ftp = ftp
}
plain = {
something = something-else
}
}
fcc-mit-ticketflags = true
[realms]
WINDOWS.CORP.XXX.COM = {
kdc = whiskey.windows.corp.XXX.com:88
kdc = wine.windows.corp.XXX.com:88
a...
2004 Jun 09
1
authentification in ads2003
...default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
permitted_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
krb4_config = /etc/krb.conf
krb4_realms = /etc/krb.realms
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
v4_instance_resolve = false
v4_name_convert = {
host = {
rcmd = host
ftp = ftp
}
plain = {
something = something-...
2014 May 09
1
samba4 : [kerberos part kinit work but no kpasswd
...E:/var/log/krb5.log
[libdefaults]
??????? default_realm = TOTO.FR
??????? dns_lookup_realm = false
??????? dns_lookup_kdc = true
# The following krb5.conf variables are only for MIT Kerberos.
??????? krb4_config = /etc/krb.conf
??????? krb4_realms = /etc/krb.realms
??????? kdc_timesync = 1
??????? ccache_type = 4
??????? forwardable = true
??????? proxiable = true
default_tgs_enctypes = arcfour-hmac-md5 des-cbc-crc des-cbc-md5
default_tkt_enctypes = arcfour-hmac-md5 des-cbc-crc des-cbc-md5
permitted_enctypes = arcfour-hmac-md5 des-cbc-crc des-cbc-md5
supported_enctypes = aes256-cts:normal arcfour-hm...
2015 Jun 03
2
Cannot join Ubuntu12.04 Samba 4.1.17 to domain
On 03/06/15 21:29, ivenhov wrote:
> I reproduced error WERR_DEFAULT_JOIN_REQUIRED in two scenarios:
> - user account that is used to join machine to domain is not part of Domain
> Admin group.
> - OU path for computer (specified in createcomputer) is invalid
>
> In both of those cases I'm getting detailed error messages: 'insufficient
> access' and 'invalid
2013 Oct 26
2
lost with AD auth
...al
26/10/2013 10:11:34 26/10/2013 20:11:34
krbtgt/RADIODJIIDO.NC at RADIODJIIDO.NC
renew until 27/10/2013 10:11:34
grep ^[^#] /etc/krb5.conf
->
[libdefaults]
default_realm = RADIODJIIDO.NC
krb4_config = /etc/krb.conf
krb4_realms = /etc/krb.realms
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
v4_instance_resolve = false
v4_name_convert = {
host = {
rcmd = host
ftp = ftp
}
plain = {
something = something-else
}
}
fcc-mit-ticketflags = true
[real...