Displaying 20 results from an estimated 26 matches for "kdcdefaults".
2010 Jan 19
1
How I installed ovirt on fc 12
Hi,
I installed ovirt on fedora 12 (64 bits) successfully but I had to make some changes to make it work.
1. Installation from rpms builded from the lastest git version
2. Patch ace : missing backslashes in sed commands
vim /usr/share/ace/modules/ovirt/manifests/freeipa.pp
line 33 : '/\\[kdcdefaults\\]/a \\ kdc_ports = 88'
single_exec {"set_kdc_defaults":
command => "/bin/sed -i '/\\[kdcdefaults\\]/a \\ kdc_ports = 88' /usr/share/ipa/kdc.conf.template",
require => Package[ipa-server]
}
Line 44 : <Proxy \...
2005 Oct 26
2
ADS + Samba
...ha1 des-cbc-crc
[realms]
EXAMPLE.COM = {
kdc = adserver.example.com:88
nsswitch.conf
passwd: compat winbind
group: compat winbind
shadow: compat
hosts: files dns wins
networks: files dns
protocols: db files
services: db files
ethers: db files
rpc: db files
kdc.conf
[kdcdefaults]
kdc_ports = 88,750
[realms]
EXAMPLE.COM = {
database_name = /etc/krb5kdc/principal
admin_keytab = /etc/krb5kdc/kadm5.keytab
acl_file = /etc/krb5kdc/kadm5.acl
dict_file = /etc/krb5kdc/kadm5.dict
key_stash_file = /etc/krb5kdc/.k5.EXAMPLE.COM...
2024 May 03
1
Samba AD not listening on ipv4 - 464/tcp
...tcp LISTEN 0 10 [::1]:464 [::]:* users:(("kdc[master]",pid=217782,fd=37))
I'm trying to set this explicitly in
file?/var/lib/samba/private/kdc.conf by this directive "kpasswd_listen"
[kdcdefaults]
kdc_listen = 0.0.0.0
kdc_tcp_listen = 0.0.0.0
kpasswd_listen = 127.0.0.1:464 192.168.95.111:464
kdc_ports = 88
kdc_tcp_ports = 88
but nothing changed
when I've changed kdc_listen I can see difference by "sudo ss -tulpn"
but no changes for kpasswd_listen
How is it po...
2024 Dec 05
1
samba log level: ldap log file remains empty
...LDAP issue. I have a Samba Fileserver joined to the Samba Domain controller and all 15 Minutes I get this on the Domain controller log:
? | Auth: [Kerberos KDC,ENC-TS Pre-authentication] user [(null)]\[SAMBA-SRV$@XXX.XFAE] at [Wed, 04 Dec 2024 15:58:47.044307 CET]
I tried this on the AD side:
[kdcdefaults]
max_life = 10h # Default ticket lifetime
max_renewable_life = 7d
But I still see every ~15 Minutes the KDC authentication log. If I cannot have the LDAP requests in a separate log, with the samba version I use, than I would like to have
as little events in the main log as possible....
2015 Feb 13
2
Question re kerberos . . .
...angedb =
mysql://openchange-user:passwd at localhost/openchange
[netlogon]
path = /var/lib/samba/sysvol/smbdomain.com/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
Here's my 'kdc.conf'
adam at sogo:~$ sudo cat /etc/krb5kdc/kdc.conf
[kdcdefaults]
kdc_ports = 750,88
[realms]
SMBDOMAIN.COM = {
database_name = /var/lib/krb5kdc/principal
admin_keytab = FILE:/etc/krb5kdc/kadm5.keytab
acl_file = /etc/krb5kdc/kadm5.acl
key_stash_file = /etc/krb5kdc/stash
kdc_ports = 750,88
max_life...
2018 Jan 22
3
SAMBA 4.7.4 with MIT Keberos
...mba.org/index.php/Running_a_Samba_AD_DC_with_MIT_Kerberos_KDC
-
https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller
--> hanging on "Verifying Kerberos"
# vim /usr/local/samba/private/kdc.conf
-------------------------------------------------
[kdcdefaults]
kdc_ports = 88
kdc_tcp_ports = 88
kadmind_port = 464
[realms]
ROOTRUDI.DE = {
}
rootrudi.de = {
}
ROOTRUDI = {
}
[dbmodules]
db_module_dir = /usr/local/samba/lib/krb5/plugins/kdb
ROOTRUDI.DE = {...
2013 Sep 24
2
delete kerberos databases and start over
...onf is:
[libdefaults]
default_realm = DOMAIN.SUFFIX
dns_lookup_realm = false
dns_lookup_kdc = true
[realms]
DOMAIN.SUFFIX = {
kdc = thisbox.domain.suffix:88
admin_server = thisbox.domain.suffix:749
default_domain = domain.suffix
}
kdc.conf is:
[kdcdefaults]
kdc_ports 750,88
[realms]
domain.suffix = {
database_name = /usr/local/samba/private/principal
admin_keytab = FILE:/usr/local/samba/private/.keytab
acl_file = /etc/krb5kdc/kadm5.acl
keys_stash_file = /etc/krb5kdc/stash
kdc_ports = 750,88...
2009 Aug 21
1
[PATCH server] update installer exec items to single_exec where applicable
...taller/modules/ovirt/manifests/freeipa.pp
@@ -29,12 +29,12 @@ class freeipa::bundled{
command => "/bin/hostname $ipa_host",
}
- exec {"set_kdc_defaults":
+ single_exec {"set_kdc_defaults":
command => "/bin/sed -i '/\[kdcdefaults\]/a \ kdc_ports = 88' /usr/share/ipa/kdc.conf.template",
require => Package[ipa-server]
}
- exec {"replace_line_returns":
+ single_exec {"replace_line_returns":
command => "/bin/sed -i -e 's/^/#/&...
2009 Mar 13
1
[ADS]Trust relationship 'expires'
...s]
.mydomain.com = MYDOMAIN.COM
mydomain.com = MYDOMAIN.COM
[logging]
kdc = FILE:/var/log/krb5/krb5kdc.log
admin_server = FILE:/var/log/krb5/kadmind.log
default = SYSLOG:NOTICE:DAEMON
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
kdc.conf
[kdcdefaults]
kdc_ports = 88,750
[reamls]
MYDOMAIN.COM = {
profile = /etc/krb5/krb5.conf
database_name = /var/krb5/principal
admin_keytab = /etc/krb5/kadm5.keytab
acl_file = /etc/krb5/kadm5.acl
kadmind_port = 749...
2024 May 03
1
Samba AD not listening on ipv4 - 464/tcp
...t;,pid=217785,fd=17)) tcp LISTEN 0 10
> [::1]:464 [::]:*
> users:(("kdc[master]",pid=217782,fd=37))
>
>
> I'm trying to set this explicitly in
> file?/var/lib/samba/private/kdc.conf by this directive
> "kpasswd_listen"
>
> [kdcdefaults]
> kdc_listen = 0.0.0.0
> kdc_tcp_listen = 0.0.0.0
> kpasswd_listen = 127.0.0.1:464 192.168.95.111:464
> kdc_ports = 88
> kdc_tcp_ports = 88
>
> but nothing changed
>
> when I've changed kdc_listen I can see difference by "sudo ss -tulpn"
&g...
2003 Nov 19
1
Samba 3.0 client connection error
...No
browseable = No
[printers]
comment = All Printers
path = /usr/spool/samba
printable = Yes
browseable = No
kdc.onf and krb5.conf
#
# Copyright 1998-2002 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
#ident "@(#)kdc.conf 1.2 02/02/14 SMI"
[kdcdefaults]
kdc_ports = 88,750
[realms]
___default_realm___ = {
profile = /etc/krb5/krb5.conf
database_name = /var/krb5/principal
admin_keytab = /etc/krb5/kadm5.keytab
acl_file = /etc/krb5/kadm5.acl
kadmind_port = 749
max_life = 8h 0m 0s
max_renewable_life = 7d 0h 0m 0s
default_principal_fl...
2014 Aug 26
2
Failed to join domain: failed to join domain 'XXX.YYY' over rpc: Access denied
...kdc = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
[realms]
XXX.YYY = {
kdc = dcserver.xxx.yyy:88
admin_server = dcserver.xxx.yyy:749
}
[domain_realm]
.xxx.yyy = XXX.YYY
xxx.yyy = XXX.YYY
/var/kerberos/krb5kdc/kdc.conf :
--------------------------------
[kdcdefaults]
kdc_ports = 88
kdc_tcp_ports = 88
[realms]
XXX.YYY= {
#master_key_type = aes256-cts
acl_file = /var/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
supported_enctypes = aes256-cts:normal aes128-cts:normal
des3-hm...
2024 May 03
1
Samba AD not listening on ipv4 - 464/tcp
...> > ??? [::1]:464?????????? [::]:*
> > users:(("kdc[master]",pid=217782,fd=37))
> >
> >
> > I'm trying to set this explicitly in
> > file?/var/lib/samba/private/kdc.conf by this directive
> > "kpasswd_listen"
> >
> > [kdcdefaults]
> > ?? kdc_listen = 0.0.0.0
> > ?? kdc_tcp_listen = 0.0.0.0
> > ?? kpasswd_listen = 127.0.0.1:464 192.168.95.111:464
> > ?? kdc_ports = 88
> > ?? kdc_tcp_ports = 88
> >
> > but nothing changed
> >
> > when I've changed kdc_listen I can se...
2005 Jan 12
1
URGENT winbind - New DOMAIN but old DOMAIN not CHANGING - Resent
...dministrator@ADMIN.SJC
kadm5.acl
*/administartor@ADMIN.SJC *
Does this ticket look ok? the krbtgt record looks a little odd to me.
I figure I should get ADMIN/chris, and I cannot see any entries for
STAFF realm left over.
I kdestroyed the ticket and recreated it, but no luck
kdc.conf
[kdcdefaults]
kdc_ports = 88
acl_file = /etc/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
admin_keytab = /etc/kerberos/krb5kdc/kadm5.keytab
[realms]
ADMIN.SJC = {
master_key_type = des3-cbc-sha1
supported_enctypes = des3-cbc-sha1:normal des-cbc-crc:normal
des-cbc-crc:v4 des-cbc-...
2004 Jul 29
2
2003 KDC and Samba
...mil = USAF.AFMC.DS.AF.MIL
usaf.af.mil = USAF.AFMC.DS.AF.MIL
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
*****************************
kdc.conf
*********
[kdcdefaults]
acl_file = /var/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
v4_mode = nopreauth
[realms]
USAF.AFMC.DS.AF.MIL = {
master_key_type = des-cbc-crc
supported_enctypes = des3-cbc-sha1:normal des3-cbc-sha1:norealm
des3-cbc-sha1:...
2014 Aug 26
0
Fwd: Re: Failed to join domain: failed to join domain 'XXX.YYY' over rpc: Access denied
...= {
>> kdc = dcserver.xxx.yyy:88
>> admin_server = dcserver.xxx.yyy:749
>> }
>>
>> [domain_realm]
>> .xxx.yyy = XXX.YYY
>> xxx.yyy = XXX.YYY
>>
>> /var/kerberos/krb5kdc/kdc.conf :
>> --------------------------------
>> [kdcdefaults]
>> kdc_ports = 88
>> kdc_tcp_ports = 88
>>
>> [realms]
>> XXX.YYY= {
>> #master_key_type = aes256-cts
>> acl_file = /var/kerberos/krb5kdc/kadm5.acl
>> dict_file = /usr/share/dict/words
>> admin_keytab = /var/kerberos/krb5kdc/...
2018 Jan 22
0
SAMBA 4.7.4 with MIT Keberos
...with_MIT_Kerberos_KDC
>
>-
>https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller
>
>--> hanging on "Verifying Kerberos"
>
>
># vim /usr/local/samba/private/kdc.conf
>-------------------------------------------------
>[kdcdefaults]
> kdc_ports = 88
> kdc_tcp_ports = 88
> kadmind_port = 464
>
>[realms]
> ROOTRUDI.DE = {
> }
>
> rootrudi.de = {
> }
>
> ROOTRUDI = {
> }
>
>[dbmodules]
> db_module_dir =...
2005 Jan 12
0
winbind - New DOMAIN but old DOMAIN not CHANGING .URGENT
...ministrator@ADMIN.SJC
kadm5.acl
*/administartor@ADMIN.SJC *
Does this ticket look ok? the krbtgt record looks a little odd to me.
I figure I should get ADMIN/chris, and I cannot see any entries for
STAFF realm left over.
I kdestroyed the ticket and recreated it, but no luck
kdc.conf
[kdcdefaults]
kdc_ports = 88
acl_file = /etc/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
admin_keytab = /etc/kerberos/krb5kdc/kadm5.keytab
[realms]
ADMIN.SJC = {
master_key_type = des3-cbc-sha1
supported_enctypes = des3-cbc-sha1:normal des-cbc-crc:normal
des-cbc-crc:v4 des-cbc-crc:af...
2015 Feb 13
0
Question re kerberos . . .
.../scripts
>>> read only = No
>>>
>>> [sysvol]
>>> path = /var/lib/samba/sysvol
>>> read only = No
>>>
>>> Here's my 'kdc.conf'
>>>
>>> adam at sogo:~$ sudo cat /etc/krb5kdc/kdc.conf
>>> [kdcdefaults]
>>> kdc_ports = 750,88
>>>
>>> [realms]
>>> SMBDOMAIN.COM = {
>>> database_name = /var/lib/krb5kdc/principal
>>> admin_keytab = FILE:/etc/krb5kdc/kadm5.keytab
>>> acl_file = /etc/krb5kdc/kadm5.acl
>&g...
2004 Jun 17
0
failed login, NT_STATUS_PASSWORD_MUST_CHANGE
...ar/log/krb5/libs.log
kdc = FILE:/var/log/krb5/kdc.log
admin_server = FILE:/var/log/krb5/admin.log
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
renewable = true
krb4_convert = false
#/var/heimdal/kdc.conf
[kdcdefaults]
kdc_ports = 88
[realms]
TEST.LOCAL = {
kadmind_port = 749
max_life = 10h 0m 0s
max_renewable_life = 7d 0h 0m 0s
master_key_type = des-cbc-crc
supported_enctypes = des-cbc-crc:normal
}
[logging]
kdc =...