search for: dns_fallback

...0-20000 winbind gid = 10000-20000 winbind enum groups = yes winbind separator = + winbind use default domain = yes encrypt passwords = yes hosts allow = 10.0.0. 127. KRB5.CONF: -------------- [libdefaults] ticket_lifetime = 600 default_realm = DOMAIN.EXAMPLE.COM dns_lookup_kdc=0 dns_lookup_realm=0 dns_fallback=0 default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc permitted_enctypes = rc4-hmac des3-hmac-sha1 des-cbc-crc des-cbc-md5 arc foug-hmac-md5 arcfour-hmac-md [realms] DOMAIN.EXAMPLE.COM = { kdc = 10.0.0.1 } [logging] kdc = FILE:/var/log/krb5kdc.log a...

...API. The client krb5.conf contains this: ===================================================== [libdefaults] default_realm = MYDOMAIN.NET krb4_config = /etc/krb.conf krb4_realms = /etc/krb.realms kdc_timesync = 1 ccache_type = 4 forwardable = true proxiable = true dns_fallback = yes default_tkt_enctypes = arcfour-hmac-md5 des-cbc-crc des-cbc-md5 default_tgs_enctypes = arcfour-hmac-md5 des-cbc-crc des-cbc-md5 v4_instance_resolve = false v4_name_convert = { host = { rcmd = host ftp = ftp } plain = {...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi folks, after a little head banging, I got winbind chatting with the domain control ( win2k server ) by hard coding my realm info into krb5.conf. My question is this: Is there a cleaner, more fault tolerant method than this? I googled, and read about dns srv records being used ( intead of hardcoding ), which I understand win2k uses to begin with,

...ster = NO idmap uid = 10000-300000 idmap gid = 10000-300000 template shell = /bin/false winbind enum users = YES winbind enum groups = YES winbind use default domain = YES /etc/krb5.conf: [libdefaults] default_realm = DOMAIN.FOREST.COM default_keytab_name = FILE:/etc/krb5.keytab dns_fallback = no [realms] } DOMAIN.FOREST.COM = { kdc = DOMAIN03.FOREST.COM.:88 kdc = DOMAIN02.FOREST.COM.:88 kdc = DOMAIN01.FOREST.COM.:88 admin_server = DOMAIN03.FOREST.COM. admin_server = DOMAIN02.FOREST....

...ed error code was (0x0) Could not check secret Distribution is Centos EL4. I am currently trying with samba-3.0.26, but have tried 3 older versions. I have installed MITs Kerberos krb5-1.6.3. My openldap is version openldap-2.2.13. Here is my krb5.conf: [libdefaults] default_realm = DOM.LOCAL dns_fallback = true [realms] DOM.LOCAL = { kdc = 192.168.1.50 } [domain_realm] .dom.local = DOM.LOCAL dom.local = DOM.LOCAL ## eof Here is my smb.conf: [global] server string = Samba %v encrypt passwords = Yes workgroup = DOM.DOM password server = 192.168.1.50 security = ADS realm = DOM.L...

...nt = All Printers path = /var/spool/samba browseable = no guest ok = no writable = no printable = yes krb5.conf: ---------- [libdefaults] ticket_lifetime = 600 default_realm = ADDOMAIN.MYDOMAIN.COM dns_lookup_kdc=0 dns_lookup_realm=0 dns_fallback=0 default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5 rc4-hmac default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5 rc4-hmac permitted_enctypes = rc4-hmac des3-hmac-sha1 des-cbc-crc des-cbc-md5 arcfoug-hmac-md5 arcfour-hmac-md [realms] ADDOM...

...queries. I already used the entry " password server = adm03.XXXX.com, adm01.XXXX.com, * " in my smb.conf file. My krb5.conf file doesn't exist, because MIT 1.3.1 searches its KDC servers via DNS, or must I specify for Kerberos also a fallback (contents of krb5.conf: [libdefaults] dns_fallback = true)? The winbind cache time is default (300 sec). Must I specify a larger value (e.g. 900 sec.) on remote sites with a relative slow connection? Thanx for any suggestion, Alex. (sorry for the stupid disclaimer underneath this e-mail, I can't help it... :) Here is my smb.conf file (only...

...map acl inherit = Yes [prod] comment = Production Elements path = /data/share/prod write list = @"us+adc-site support", @"us+adc-fab rf test" read only = No ######################################################### krb5.conf [libdefaults] dns_fallback = true ############################################## log.winbindd 2004/10/25 16:52:18, 1] nsswitch/winbindd.c:main(854) winbindd version 3.0.7 started. Copyright The Samba Team 2000-2004 [2004/10/25 16:52:18, 1] libsmb/clikrb5.c:ads_krb5_mk_req(313) krb5_cc_get_principal failed (No credenti...

...o dns proxy = No idmap uid = 10000-20000 idmap gid = 10000-20000 template homedir = /data/hom/%U template shell = /bin/bash printer admin = root, '@XXXX.COM\Domain Admins', @XXXX.COM\DEP_ADMIN_GERMANY oplocks = No level2 oplocks = No My krb5.conf file is like this: [libdefaults] dns_fallback = true -- Regards, Alex de Vaal. Visit our Web site: http://www.nh-hotels.com This message is from NH HOTELES and it is private and confidential. Its content may be legally protected.Reception by a non-intended person does not waive legal protection rights. If you receive this message by m...

I also have made this configuration working with w2k, the problem is related do enc-types used by w2k3. I have seen a lot of people complaining about the same issue. Can the samba gurus help the community ??? What are the right configuration to put a Samba 3.0.x working as a Active Directory 2003 member and be accessible through \\<samba name>\<share name> ?! Please Jerry Carter,

...to look. My configs look like this:- KRB5.CONF [libdefaults] ticket_lifetime = 24000 default_realm = DOMAIN.LOCAL default_tgs_entypes = rc4-hmac des-cbc-md5 default_tkt__enctypes = rc4-hmac des-cbc-md5 permitted_enctypes = rc4-hmac des-cbc-md5 dns_lookup_realm = true dns_lookup_kdc = true dns_fallback = yes [realms] DOMAIN.LOCAL = { kdc = local_dc01.domain.local kdc = local_dc02.domain.local kdc = local_dc03.domain.local kdc = remote_dc01.domain.local kdc = remote_dc02.domain.local kdc = remote_dc03.domain.local kdc = local_dc10.domain.local kdc = local_dc11.domain.local admin_server =...