search for: krb5kdc

Displaying 20 results from an estimated 509 matches for "krb5kdc".

2017 Apr 23
4
kerberos got crazy after ubuntu upgrade from 14.04 to 16.04
...keytab_name = /etc/krb5.keytab allow_weak_crypto = true [realms] BIURO.domain = { kdc = pdc.biuro.domain admin_server = pdc.biuro.domain } this is what kerberos throws in auth.log when I try to log in with a win2008 client: Apr 23 09:17:38 pdc kadmind[610]: closing down fd 31 Apr 23 09:17:55 pdc krb5kdc[643]: AS_REQ (6 etypes {18 17 23 24 -135 3}) 192.168.0.139: CLIENT_NOT_FOUND: qubix at GPMV for krbtgt/GPMV at GPMV, Client not found in Kerberos database Apr 23 09:17:55 pdc krb5kdc[643]: closing down fd 15 Apr 23 09:17:56 pdc krb5kdc[643]: TGS_REQ (5 etypes {18 17 23 24 -135}) 192.168.0.139: PROC...
2009 Jun 10
1
krb5kdc fails to start
...s driving bonkers. A couple of weeks ago I started working on implementing Kerberos. I got as far as getting the primary/master KDC running on our CentOS development system before I got dragged off to work on something a little more pressing. I finally got back to it this week only to find that the krb5kdc service now fails to start. A check of the log files shows it has been working right up until the system was rebooted Sunday night. The reboot itself was not the problem as there had been previous reboots after which krb5kdc was able to restart. Here are the log entries for that latest retry: J...
2017 Apr 23
1
kerberos got crazy after ubuntu upgrade from 14.04 to 16.04
...t at samba.org>: > On Sun, 2017-04-23 at 09:39 +0200, Jakub Kulesza via samba wrote: > > this is what kerberos throws in auth.log when I try to log in with a > > win2008 client: > > > > Apr 23 09:17:38 pdc kadmind[610]: closing down fd 31 > > Apr 23 09:17:55 pdc krb5kdc[643]: AS_REQ (6 etypes {18 17 23 24 -135 > > 3}) > > 192.168.0.139: CLIENT_NOT_FOUND: qubix at GPMV for krbtgt/GPMV at GPMV, > > Client > > not found in Kerberos database > > Apr 23 09:17:55 pdc krb5kdc[643]: closing down fd 15 > > Apr 23 09:17:56 pdc krb5kdc[643...
2017 Apr 23
2
kerberos got crazy after ubuntu upgrade from 14.04 to 16.04
...o winbind enum groups = yes winbind enum users = yes [netlogon] path = /var/local/samba/var/lib/samba/netlogon #path = /var/lib/samba/sysvol/biuro.domain/scripts read only = No guest ok = yes The result - the same. logging on a win2008 with user jkadmin gives the following: Apr 23 11:37:36 pdc krb5kdc[656]: AS_REQ (6 etypes {18 17 23 24 -135 3}) 192.168.0.139: CLIENT_NOT_FOUND: jkadmin at biuro.domain.pl for krbtgt/ biuro.domain.pl at biuro.domain.pl, Client not found in Kerberos database Apr 23 11:37:36 pdc krb5kdc[656]: closing down fd 15 Apr 23 11:37:36 pdc krb5kdc[656]: DISPATCH: repeated (r...
2017 Apr 23
0
kerberos got crazy after ubuntu upgrade from 14.04 to 16.04
...mba/sysvol/biuro.domain/scripts Put netlogon back into sysvol and what happened to the 'sysvol' share ? > read only = No guest ok = yes <-- remove this > > The result - the same. logging on a win2008 with user jkadmin gives > the following: > > Apr 23 11:37:36 pdc krb5kdc[656]: AS_REQ (6 etypes {18 17 23 24 -135 > 3}) 192.168.0.139: CLIENT_NOT_FOUND: jkadmin at biuro.domain.pl for > krbtgt/ biuro.domain.pl at biuro.domain.pl, Client not found in Kerberos > database Apr 23 11:37:36 pdc krb5kdc[656]: closing down fd 15 > Apr 23 11:37:36 pdc krb5kdc[656]: D...
2009 Jun 11
0
Bind krb5kdc only to eth1 and not also to ppp0
Hello, if starting /etc/init.d/krb5kdc, kerberos binds to eth1 and the *current* ip of ppp0. # netstat -nap | grep :750\\b udp 0 0 91.9.220.166:750 0.0.0.0:* 3180/krb5kdc udp 0 0 192.168.0.1:750 0.0.0.0:* 3180/krb5kdc # netstat -...
2017 Apr 23
0
kerberos got crazy after ubuntu upgrade from 14.04 to 16.04
On Sun, 2017-04-23 at 09:39 +0200, Jakub Kulesza via samba wrote: > this is what kerberos throws in auth.log when I try to log in with a > win2008 client: > > Apr 23 09:17:38 pdc kadmind[610]: closing down fd 31 > Apr 23 09:17:55 pdc krb5kdc[643]: AS_REQ (6 etypes {18 17 23 24 -135 > 3}) > 192.168.0.139: CLIENT_NOT_FOUND: qubix at GPMV for krbtgt/GPMV at GPMV, > Client > not found in Kerberos database > Apr 23 09:17:55 pdc krb5kdc[643]: closing down fd 15 > Apr 23 09:17:56 pdc krb5kdc[643]: TGS_REQ (5 etypes {18 17 23...
2018 Jul 03
1
Samba 4 AD DC on Fedora, problem with GPOs and denied security for machines
...ight Andrew Tridgell and the Samba Team 1992-2018 [2018/07/03 09:53:35.314221, 0] ../source4/smbd/server.c:638(binary_smbd_main) binary_smbd_main: samba: using 'standard' process model [2018/07/03 09:53:37.069464, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) /usr/sbin/krb5kdc: krb5kdc: starting... # cat /var/log/samba/log.samba (log level = 3) [2018/07/03 13:08:54.701296, 3] ../lib/ldb-samba/ldb_wrap.c:326(ldb_wrap_connect) ldb_wrap open of secrets.ldb [2018/07/03 13:08:56.158460, 3] ../libcli/auth/schannel_state_tdb.c:362(schannel_store_challenge_tdb) schan...
2015 Feb 13
2
Question re kerberos . . .
...segments without issue. I'm having problems starting Kerberos, specifically, 'krb5-kdc' and 'krb5-admin-server' It appears it cannot identify the realm/domain It appears Samba is not identifying itself. adam at sogo:~$ sudo service krb5-kdc start * Starting Kerberos KDC krb5kdc krb5kdc: Configuration file does not specify default realm, attempting to retrieve default realm adam at sogo:~$ sudo service krb5-admin-server start * Starting Kerberos administrative servers kadmind kadmind: Configuration file does not specify default realm while initializing, aborting I...
2005 Jan 12
1
URGENT winbind - New DOMAIN but old DOMAIN not CHANGING - Resent
...SJC * Does this ticket look ok? the krbtgt record looks a little odd to me. I figure I should get ADMIN/chris, and I cannot see any entries for STAFF realm left over. I kdestroyed the ticket and recreated it, but no luck kdc.conf [kdcdefaults] kdc_ports = 88 acl_file = /etc/kerberos/krb5kdc/kadm5.acl dict_file = /usr/share/dict/words admin_keytab = /etc/kerberos/krb5kdc/kadm5.keytab [realms] ADMIN.SJC = { master_key_type = des3-cbc-sha1 supported_enctypes = des3-cbc-sha1:normal des-cbc-crc:normal des-cbc-crc:v4 des-cbc-crc:afs3 profile = /etc/krb5.conf database_name...
2020 Mar 22
1
new installation Samba AD - dnsupdate fail
...a so old Samba Version, yes today i have download 4.12 the source Was quick compiled and installed, nice. I fighting with Kerberos..... or will this running when AD are up and running? root at AD:/# cat /etc/krb5.conf [logging] Default = FILE:/var/log/krb5.log kdc = FILE:/var/log/krb5Kdc.log admin_server = FILE:/var/log/krb5adm.log [libdefaults] default_realm = CALORO.M [realms] CALORO.M = { kdc = ad.caloro.m:88 admin_server = ad.caloro.m:749 default_domain = caloro.m } [domain_realm] .caloro.m = CALORO.M caloro.m = CALORO....
2018 Jul 27
3
macOS 10.13.6 error joining to Samba 4.8.3
...)" The Mac has a local IP address of 192.168.0.107, and its hostname is set to potterbook. On the Mac, no log entries at all occur to indicate what this might be. On the Linux machine, the only logs that seem to get written are in /var/log/samba/mit_kdc.log: "Jul 27 23:53:09 pathfinder krb5kdc[6597](info): AS_REQ (4 etypes {18 17 16 23}) 192.168.0.107: NEEDED_PREAUTH: Administrator at POTTERNET.LAN for krbtgt/POTTERNET.LAN at POTTERNET.LAN, Additional pre-authentication required Jul 27 23:53:09 pathfinder krb5kdc[6597](info): AS_REQ (4 etypes {18 17 16 23}) 192.168.0.107: ISSUE: authtime...
2005 Oct 26
2
ADS + Samba
...passwd: compat winbind group: compat winbind shadow: compat hosts: files dns wins networks: files dns protocols: db files services: db files ethers: db files rpc: db files kdc.conf [kdcdefaults] kdc_ports = 88,750 [realms] EXAMPLE.COM = { database_name = /etc/krb5kdc/principal admin_keytab = /etc/krb5kdc/kadm5.keytab acl_file = /etc/krb5kdc/kadm5.acl dict_file = /etc/krb5kdc/kadm5.dict key_stash_file = /etc/krb5kdc/.k5.EXAMPLE.COM kadmind_port = 749 max_life = 10h 0m 0s max_renewable_life = 7d 0h 0m 0s...
2018 Oct 16
2
Samba AD DC + external DHCP + BIND9_DLZ dynamic dns updates doesn't work for domain members.
...opyright Andrew Tridgell and the Samba Team 1992-2018 [2018/10/16 18:29:56.934115, 0] ../source4/smbd/server.c:638(binary_smbd_main) binary_smbd_main: samba: using 'standard' process model [2018/10/16 18:29:57.251109, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) /usr/sbin/krb5kdc: krb5kdc: starting... named log: 16-Oct-2018 18:29:53.526 general: info: managed-keys-zone: loaded serial 0 16-Oct-2018 18:29:53.538 general: info: zone localhost/IN: loaded serial 0 16-Oct-2018 18:29:53.539 general: info: zone virtual/IN: loaded serial 0 16-Oct-2018 18:29:53.539 general: info: zo...
2018 Mar 22
0
access is denied to the Windows share folder because of the ticket kerberos
The client can not access the Windows Share after authorization on samba DC samba_dc_server: samba 4.7.6 krb5-libs 1.15.2-7 windows client: windows7 windows_file_server: windows server 2008 /var/log/samba/mit_kdc.log мар 22 15:43:49 samba_dc_server krb5kdc[17891](info): commencing operation мар 22 15:43:56 samba_dc_server krb5kdc[17891](info): AS_REQ (6 etypes {18 17 23 24 -135 3}) 10.2.1.12: NEEDED_PREAUTH: vas.lah at example.ru for krbtgt/example .ru at example.ru, Additional pre-authentication required мар 22 15:43:56 samba_dc_server krb5kdc[17891...
2005 Jan 12
0
winbind - New DOMAIN but old DOMAIN not CHANGING .URGENT
....SJC * Does this ticket look ok? the krbtgt record looks a little odd to me. I figure I should get ADMIN/chris, and I cannot see any entries for STAFF realm left over. I kdestroyed the ticket and recreated it, but no luck kdc.conf [kdcdefaults] kdc_ports = 88 acl_file = /etc/kerberos/krb5kdc/kadm5.acl dict_file = /usr/share/dict/words admin_keytab = /etc/kerberos/krb5kdc/kadm5.keytab [realms] ADMIN.SJC = { master_key_type = des3-cbc-sha1 supported_enctypes = des3-cbc-sha1:normal des-cbc-crc:normal des-cbc-crc:v4 des-cbc-crc:afs3 profile = /etc/krb5.conf database_name = /et...
2020 Mar 22
2
new installation Samba AD - dnsupdate fail
Hello together Installing a new Samba AD on me new installed Debian 10. root at AD:/home/maurizio# /usr/sbin/smbd -V Version 4.9.5-Debian But DNS_Update will by fail: [2020/03/22 13:26:02.266719, 0] ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler) /usr/sbin/samba_dnsupdate: ERROR(runtime): uncaught exception - (9711, 'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS') [2020/03/22
2004 Oct 21
1
Ads_connect: Server not found in Kerberos database
...e Here is a copy of the krb5.conf file: [libdefaults] ticket_lifetime = 600 default_realm = BROOKS.COM kdc_req_checksum_type = 2 checksum_type = 2 ccache_type = 1 default_tkt_enctypes = des-cbc-crc default_tgs_enctypes = des-cbc-crc [kdc] profile = /usr/local/var/krb5kdc/kdc.conf [logging] kdc = FILE:/usr/local/var/krb5kdc/kdc.log <FILE:/usr/local/var/krb5kdc/kdc.log> admin_server = FILE:/usr/local/var/krb5kdc/adm.log <FILE:/usr/local/var/krb5kdc/adm.log> default = FILE:/usr/local/var/krb5kdc/log.log <FILE:/usr/local/var/krb5kdc/log.lo...
2019 Sep 02
2
Problem to access from Win to Win after classicupdate to Samba DC 4.10.7
...dns,dhcp,kerberos,kpasswd,ldap,ldaps,ntp} 183 firewall-cmd --permanent --add-port={135/tcp,137-138/udp,139/tcp,3268-3269/tcp,49152-65535/tcp} 184 firewall-cmd --reload Then now the port open are that[1] The system is a Fedora 30 Server with default samba out of the box. Then yes, it's a krb5kdc (mit_kdc). I hope this is not a problem for this ml, otherwise let me know where I can post my question. I have look into mit_kdc.log and I have see this recurred lament, (that I don't know what it means and whether it is important or not): set 02 11:54:36 s-addc.studiomosca.net krb5kdc[6764]...
2017 Sep 26
3
Fedora 27 rawhide, samba needs a restart to launch krb5kdc
Hi, The following problem: [root]#kinit administrator kinit: Cannot contact any KDC for realm 'DC-STATIC.LUUFORPROS.COM' while getting initial credentials A restart of samba.service finally starts krb5kdc: [root]#systemctrl restart samba [root]# ps axf |grep krb 1249 pts/0 S+ 0:00 \_ grep --color=auto krb 1212 ? S 0:00 | \_ /usr/sbin/krb5kdc -n and now: [root at feddc ~]# kinit administrator Password for administrator at DC-STATIC.LUUFORPROS.COM: [root at...