search for: krb4_get_tickets

Displaying 20 results from an estimated 83 matches for "krb4_get_tickets".

2015 Jul 13
2
Member Server with problems
....133.84.25 default_domain = MEUDOMINIO.COM } MEUDOMINIO.COM = { kdc = 10.133.84.25 admin_server = 10.133.84.25:88 } [domain_realm] .meudominio.com = .MEUDOMINIO.COM meudominio.com = MEUDOMINIO.COM [login] krb4_convert = true krb4_get_tickets = true The below is my /etc/nsswitch.conf in a Member Server: passwd: compat winbind group: compat winbind shadow: compat hosts: files dns networks: files protocols: db files services: db files ethers: db files rpc: db files...
2014 Apr 25
2
problem authenticating users to Active Directory after Ubuntu 12.04 -> 14.04 upgrade
...= yes [realms] MYDOMAIN.COM = { kdc = my.domain.com admin_server = my.domain.com default_domain = MYDOMAIN.COM } [domain_realm] .mydomain.com = MYDOMAIN.COM mydomain.com = MYDOMAIN.COM [login] krb4_convert = true krb4_get_tickets = false| /etc/nsswitch.conf | passwd: compat winbind group: compat winbind shadow: compat hosts: files mdns4_minimal [NOTFOUND=return] dns wins networks: files protocols: db files services: db files ethers...
2012 Jul 09
2
How do I get an ssh client to authenticate with samba4's kerberos GSSAPI?
...hing = something-else } } fcc-mit-ticketflags = true [realms] MYDOMAIN.NET = { kdc = cofil01.mydomain.net:88 default_domain = mydomain.net } [domain_realm] .mydomain.net = MYDOMAIN.NET mydomain.net = MYDOMAIN.NET [login] krb4_convert = true krb4_get_tickets = false ==================================================== The server side krb5.conf contains this: ==================================================== [libdefaults] default_realm = MYDOMAIN.NET dns_lookup_realm = false dns_lookup_kdc = true =========================================...
2004 May 12
2
Failed to verify ticket ?
...ue krb4_convert = false [appdefaults] pam = { debug = true ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = true afs_cells = draffc3.draf.fc hosts = draffc3.draf.fc max_timeout = 30 timeout_shift = 2 initial_timeout = 1 } [login] krb4_convert = false krb4_get_tickets = false Any idea about my misconfiguration in Kerberos, everyone ? Please, just answer me for that and I'll let you breath ! Thanks for reading Bertram _________________________________________________________________ Trouvez l'?me soeur sur MSN Rencontres http://g.msn.fr/FR1000/9551
2015 Dec 28
2
Problems to authenticate Ubuntu 14 on Samba4
.../krb.realms dns_lookup_realm = false dns_lookup_kdc = false ticket_lifetime = 24h renew_lifetime = 7d forwardable = true [realms] EMPRESA.COM = { kdc = DC1.EMPRESA.COM admin_server = DC1.EMPRESA.COM } [domain_realm] .empresa.com = EMPRESA.COM empresa.com = EMPRESA.COM [login] krb4_convert = true krb4_get_tickets = false */etc/resolv.conf* nameserver 192.168.40.1 search empresa.com */etc/hosts*127.0.0.1 localhost 127.0.1.1 cliente-ad192.empresa.com cliente-ad192 192.168.40.2 cliente-ad192.empresa.com cliente-ad192 192.168.40.1 dc1.empresa.comdc1 */etc/nsswitch.conf* passwd:compat gr...
2017 Jun 22
5
wbinfo --group-info not listed users inside the group
...---------------------------------------- [realms] LOCAL.COM = { kdc = DC1.LOCAL.COM admin_server = DC1.LOCAL.COM default_domain = LOCAL.COM } [domain_realm] .local.com = LOCAL.COM local.com = LOCAL.COM [login] krb4_convert = true krb4_get_tickets = false ---------------------------------------------------------- smbd -V Version 4.5.8-Debian winbindd -V Version 4.5.8-Debian Do you have any suggestions about this? Thanks in advance! Best regards, Dmitriy
2010 Oct 23
2
Samba 3.2 & IPv6
...= { something = something-else } } fcc-mit-ticketflags = true [realms] DOMAIN.LOCAL = { kdc = kdc.domain.local admin_server = kdc.domain.local default_domain = domain.local } [domain_realm] .domain.local = DOMAIN.LOCAL domain.local = DOMAIN.LOCAL [login] krb4_convert = true krb4_get_tickets = false smb.conf: [global] workgroup = DOMAIN realm = DOMAIN.LOCAL password server = kdc.domain.local winbind use default domain = yes disable netbios = yes log level = 3 preferred master = no local master = no domain master = no security = ads ser...
2008 Feb 27
3
Samba and ACTIVE DIRECTORY
...services: db files ethers: db files rpc: db files netgroup: nis krb5.conf [realms] DOMANNAME = { kdc = ADSSERVER } DOMAINSHORTNAME = { kdc = ADSSERVER } [login] krb4_convert = true krb4_get_tickets = true All these files are identical on both machines and both machines are identical in time. ANY SUGGESTIONS...
2016 Apr 16
7
After Update to 4.2, Samba is unusuable as member server / No user and goup resolution
...= host ftp = ftp } plain = { something = something-else } } fcc-mit-ticketflags = true [realms] TEST.TEST.LOC = { kdc = dc.ad.test.loc kdc = dc1.ad.test.loc kdc = dc2.ad.test.loc kdc = dc3.ad.test.loc admin_server = dc.test.loc } [domain_realm] .test.loc = AD.TEST.LOC [login] krb4_convert = true krb4_get_tickets = false [logging] kdc = FILE:/var/log/krb5/krb5kdc.log admin_server = FILE:/var/log/krb5/kadmind.log default = SYSLOG:NOTICE:DAEMON ******************************************************************** libpam.winbind and libnss.winbind are installed. Name resolution works (as before...): host -...
2015 Dec 28
3
Problems to authenticate Ubuntu 14 on Samba4
Hi, I have saw many tutorials to ingress Ubuntu 14 in the Samba4 domain, but none worked properly. I put the Ubuntu workstation in the Domain, but when I try to login, appear the following messenge: "your password will be expire in 42 days " and does not permit the authentication. How can I configure correctly Ubuntu 14 workstation to authenticate in the Samba 4 domain? Thanks
2005 Jan 12
1
URGENT winbind - New DOMAIN but old DOMAIN not CHANGING - Resent
...rver = sun.admin.sjc default_domain = admin.sjc } [domain_realm] .admin.sjc = ADMIN.SJC [kdc] profile = /etc/kerberos/krb5kdc/kdc.conf [pam] debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false [login] krb4_convert = false krb4_get_tickets = false Anyway the users cannot auth through out proxy because of this. Can anyone help. I have to get this fixed by the morning before staff arrive. Thanks Chris
2010 Jan 28
1
Trouble getting past net join ads...
....FS.UML.EDU } STUDENT.UML.EDU = { kdc = STDC1.STUDENT.UML.EDU kdc = STDC2.STUDENT.UML.EDU } [domain_realm] .umlfs01.fs.uml.edu = FS.UML.EDU umlfs01.fs.uml.edu = FS.UML.EDU [login] krb4_convert = true krb4_get_tickets = false -- Asst. Prof. Joel M. Therrien Ph: 978-934-3324 Fax: 978-934-3027 Joel_Therrien at uml.edu Dept. of Electrical& Computer Engineering U. Massachusetts-Lowell 1 University Ave Lowell, MA 01854
2015 Nov 30
2
After joining domain, Samba uses the workgroup name, not the FQDN when running the net ads command
...749 } [appdefaults] pam = { ticket_lifetime = 1d renew_lifetime = 1d forwardable = true proxiable = false retain_after_close = false minimum_uid = 0 debug = false } [domain_realm] .windows.corp.XXX.com = WINDOWS.CORP.XXX.COM windows.corp.XXX.com = WINDOWS.CORP.XXX.COM [login] krb4_convert = true krb4_get_tickets = false On Mon, Nov 30, 2015 at 2:43 PM, Rowland Penny <rowlandpenny241155 at gmail.com > wrote: > On 30/11/15 20:30, Jonathan S. Fisher wrote: > >> Same results with that command. And the same DNS query occurred >> >> On Mon, Nov 30, 2015 at 2:20 PM, Rowland Penny...
2004 Jun 09
1
authentification in ads2003
...= false v4_name_convert = { host = { rcmd = host ftp = ftp } plain = { something = something-else } } [login] krb4_convert = true krb4_get_tickets = true *winbind* (logs) 2004/06/07 13:38:57, 1] nsswitch/winbindd_util.c:add_trusted_domain(180) Added domain CAR CAR.BE.TEST.COM.LOCAL S-0-0 [2004/06/07 13:38:57, 1] libsmb/clikrb5.c:ads_krb5_mk_req(306) krb5_cc_get_principal failed (No credentials cache found) [2004/06/07 13:38:57, 1] nssw...
2014 May 09
1
samba4 : [kerberos part kinit work but no kpasswd
...T.EDU ??????? .whoi.edu = ATHENA.MIT.EDU ??????? whoi.edu = ATHENA.MIT.EDU ??????? .stanford.edu = stanford.edu ??????? .slac.stanford.edu = SLAC.STANFORD.EDU ??????? .toronto.edu = UTORONTO.CA ??????? .utoronto.ca = UTORONTO.CA ??????? .toto.fr= TOTO.FR [login] ??????? krb4_convert = true ??????? krb4_get_tickets = false ? the tcp dump for a failed attempt of kpasswd give the folllowing : ? client -> station Kerberos AS-REQ MSG Type : AS-REQ(10) Server Name(principal): kadmin/changepw Encryption type rc4-hmac ? station-> client BER Error : Empty choice was found ... ? and the log on the ser...
2015 Jun 03
2
Cannot join Ubuntu12.04 Samba 4.1.17 to domain
On 03/06/15 21:29, ivenhov wrote: > I reproduced error WERR_DEFAULT_JOIN_REQUIRED in two scenarios: > - user account that is used to join machine to domain is not part of Domain > Admin group. > - OU path for computer (specified in createcomputer) is invalid > > In both of those cases I'm getting detailed error messages: 'insufficient > access' and 'invalid
2013 Oct 26
2
lost with AD auth
...something = something-else } } fcc-mit-ticketflags = true [realms] RADIODJIIDO.NC = { kdc = serveur admin_server = serveur } [domain_realm] .radiodjiido.nc = RADIODJIIDO.NC radiodjiido.nc = RADIODJIIDO.NC [login] krb4_convert = true krb4_get_tickets = false syslog shows : -> Oct 26 11:09:36 serveur nslcd[2978]: [0f8fca] <passwd="radiodjiido\administrator"> failed to bind to LDAP server ldap://serveur.radiodjiido.nc: Local error Oct 26 11:09:36 serveur nslcd[2978]: [0f8fca] <passwd="radiodjiido\administrator"...
2016 Jun 27
4
Looking for GSSAPI config [was: Looking for NTLM config example]
...ault_domain = your.domain.name auth_to_local_names = { Administrator = root } } [domain_realm] your.domain.name = YOUR.REALM # this is not a mistake .your.domain.name = YOUR.REALM [login] krb4_convert = true krb4_get_tickets = false Note that some windows environments require additional configuration to get this working. 4. Forward/reverse DNS. For your *server* this is *absolutely* must. It has to match for your clients and your server. So if your server name is mail.example.org, and it has IP 10.0.2.3, then 10.0.2...
2015 Mar 12
0
samba 4.1.17 on raspberry pi as ad dc - internal dns problems
....edu = ATHENA.MIT.EDU > whoi.edu = ATHENA.MIT.EDU > .stanford.edu = stanford.edu > .slac.stanford.edu = SLAC.STANFORD.EDU > .toronto.edu = UTORONTO.CA > .utoronto.ca = UTORONTO.CA > > [login] > krb4_convert = true > krb4_get_tickets = false > > Regarding the nsswitch.conf I am a bit clueless. I use sssd, and therefore nearly all the lines got an sss as second entry. Maybe winbind would be the correct one for You. But this should be examined _after_ Kerberos is working OK. At least we now know, that Kerberos couldn&...
2003 Oct 17
0
winbinb problem related to kerberos.
...plain = { something = something-else } } [realms] GSTAZIONI.IT = { kdc = 192.168.5.1:88 kdc = 192.168.0.1:88 } [domain_realm] .gstazioni.it = GSTAZIONI.IT gstazioni.it = GSTAZIONI.IT [login] krb4_convert = true krb4_get_tickets = true which thing cause this problem ? how to solve ? another problem is that I can list users and group with the net ads users command, but not with wbinfo, why ? Thank in advance, Best regards. Federico