Displaying 20 results from an estimated 20 matches for "mechtypes".
Did you mean:
mechtype
2016 Nov 03
2
Win10 forcing NTLMSSP when KRB5 desired
Hi all,
I've 4.5.1 Samba on a machine with SSSD 1.13.4 setup and joined with a
Windows Server 2012 domain. Everything works great for Windows 8.1 - I can
connect to the Samba share and get authenticated as a domain user and files
are created with the correct Windows domain username and group.
With a Windows 10 client, I get an 'Access Denied'. After some debugging,
I'm putting
2016 Nov 05
2
Win10 forcing NTLMSSP when KRB5 desired
...Offset: 0x00000080
Length: 96
GSS-API Generic Security Service Application Program Interface
OID: 1.3.6.1.5.5.2 (SPNEGO - Simple Protected Negotiation)
Simple Protected Negotiation
negTokenInit
mechTypes: 3 items
MechType: 1.2.840.48018.1.2.2 (MS KRB5 -
Microsoft Kerberos 5)
MechType: 1.2.840.113554.1.2.2 (KRB5 - Kerberos
5)
MechType: 1.3.6.1.4.1.311.2.2.10 (NTLMSSP -
Microsoft NTLM Security Support Provider)...
2009 Mar 19
2
Server 2008 and Samba 3.0.25b
...s one glaring
difference between the working samba install and the non-working samba
install: in the Session Setup andX Request packet (under the "security
blob") that the client sends to the samba server, the working one lists
one mechtype: NTLMSSP. The non-working one lists three mechtypes: MS
KRB5, KRB5, NTLMSSP, in that order. The non-working one has a krb5
ticket further down in the packet.
Samba logs show an error:
Failed to parse NTLMSSP packet, could not extract NTLMSSP command
[2009/03/18 10:39:36, 1] libsmb/ntlmssp.c:ntlmssp_update(327)
I don't think it should be abl...
2018 Jun 30
2
DM 3.6.25 -> 4.x
additional note:
# kinit sgw
Password for sgw at customer.INTRA:
# smbclient \\\\u1customer\\IT -U sgw -k
SPNEGO(gse_krb5) creating NEG_TOKEN_INIT for cifs/u1customer failed
(next[(null)]): NT_STATUS_INVALID_PARAMETER
SPNEGO: Could not find a suitable mechtype in NEG_TOKEN_INIT
session setup failed: NT_STATUS_INVALID_PARAMETER
(krb5.conf already reduced to minimum, btw)
Does that point to
2008 Aug 05
2
Leopard Macs using Kerberos: Failed to parse negTokenTarg
...Security Blob: 6082096A06062B0601050502A082095E3082095AA0...
GSS-API Generic Security Service Application Program
Interface
OID: 1.3.6.1.5.5.2 (SPNEGO - Simple Protected
Negotiation)
SPNEGO
negTokenInit
mechTypes: 3 items
Item: 1.2.840.113554.1.2.2 (KRB5 -
Kerberos 5)
Item: 1.3.5.1.5.2 (SNMPv2-SMI::org.5.1.5.2)
Item: 1.2.840.48018.1.2.2 (MS KRB5 -
Microsoft K5)
Padding: 1...
2018 Apr 19
4
Share authentication problem
Hi @ll !
I am trying to set up a samba fileserver in SuSe 42.3 as domain member
in a debian based Samba4 AD. The join seems to be ok, as I can get
/wbinfo -u/ and /-g/, and /getent group/ and /passwd/.
I can also list all browsable shares with /smbclient -L \\SambaFS
-Uusername/, but when i add -k, I get following errors :
/SPNEGO(gse_krb5) creating NEG_TOKEN_INIT for cifs/Samba1 failed
2020 Sep 15
4
smbclient ignores configured kerberos ccache when using krb5-user on ubuntu/debian
Hello all.
I'm encountering an issue where smbclient seemingly ignores the kerberos
ccache as configured in krb5.conf when using "krb5-user" as the kerberos
package and will instead always default to using "FILE:/tmp/krb5cc_uid".
I tested each valid default ccache name type but smbclient completely
ignores whatever is set as the "default_ccache_name" in the conf
2018 Apr 14
3
smbclient kerberos auth fails
Hi,
I rarely deal with kerberos but everytime I do it's painful...
I have a Windows Server 2016 VM at foo-ad.foo.com. It has the AD role
and it owns the FOO.COM domain. I added a *AD* account FOO\aaptel%aaptel.
PS C:\share> get-aduser aaptel
DistinguishedName : CN=aaptel,CN=Users,DC=foo,DC=com
Enabled : True
GivenName :
Name :
2019 Feb 14
3
smbclient error talking to Netapp with SMB 3.11 / Samba 4.7.11
Hi Rowland,
-<| Quoting Rowland Penny via samba <rpenny at samba.org>, on Wednesday, 2019-02-13 05:01:19 PM |>-
> On Wed, 13 Feb 2019 17:16:21 +0100
> Philipp Gesang via samba <samba at lists.samba.org> wrote:
> > -<| Quoting L.P.H. van Belle via samba <belle at bazuin.nl>, on
> > Wednesday, 2019-02-13 04:59:55 PM |>-
> > >
2018 Jun 25
2
Samba 4.7.1 Generating Core Dumps
...te at entry=0x55b48e610460, out_mem_ctx=out_mem_ctx at entry=0x55b48e6156c0,
---Type <return> to continue, or q <return> to quit---
ev=ev at entry=0x55b48e614920, out=out at entry=0x55b48e6104c0, in=...) at ../auth/gensec/spnego.c:468
spnego_out = {type = -1, negTokenInit = {mechTypes = 0x55b48e610370, reqFlags = {data = 0x80 <Address 0x80 out of bounds>, length = 140471707458339}, reqFlagsPadding = 0 '\000', mechToken = {
data = 0x7ffcba8c556f "", length = 140723438245232}, mechListMIC = {data = 0x7fc21e396881 <asn1_peek_full_tag+81>...
2016 Nov 04
0
Win10 forcing NTLMSSP when KRB5 desired
On Thu, Nov 03, 2016 at 04:58:56PM +0000, J K via samba wrote:
> Hi all,
>
> I've 4.5.1 Samba on a machine with SSSD 1.13.4 setup and joined with a
> Windows Server 2012 domain. Everything works great for Windows 8.1 - I can
> connect to the Samba share and get authenticated as a domain user and files
> are created with the correct Windows domain username and group.
>
2018 Apr 19
0
Share authentication problem
On Thu, 19 Apr 2018 10:08:12 +0200
Sascha Wiechmann via samba <samba at lists.samba.org> wrote:
> Hi @ll !
>
> I am trying to set up a samba fileserver in SuSe 42.3 as domain
> member in a debian based Samba4 AD. The join seems to be ok, as I can
> get /wbinfo -u/ and /-g/, and /getent group/ and /passwd/.
> I can also list all browsable shares with /smbclient -L
2023 Oct 15
0
Samba Kerberos issue just cropped up with a node as of Samba 4.19.1
This issue just cropped up upon upgrading to Samba 4.19.1
masterz at yagosaki:~> smbclient -kd 3 //olympia.pukey/masterz
WARNING: The option -k|--kerberos is deprecated!
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Can't load /etc/samba/smb.conf - run testparm to debug it
added interface wlan0
2018 Apr 20
1
Share authentication problem
Hi Rowland,
Thank you very much for your help! The main problem was fixed today -
and i have to apologize for bothering sambalist because it was an
error40 (40cm in front of the PC). In my test enviroment, there was
still an old, non-existing SID on the domdata share, however - after
deleting the access permissions in Windows and adding new, everything
goes fine now. I answered your
2018 Jun 30
2
DM 3.6.25 -> 4.x
On Sat, 30 Jun 2018 21:02:57 +0200
"Stefan G. Weichinger via samba" <samba at lists.samba.org> wrote:
>
> additional:
>
> the krb5.conf from the former admin, I assume it could or should be
> boiled down:
> # cat /etc/krb5.conf
The standard one for Samba is just this:
[libdefaults]
default_realm = CUSTOMER.INTRA
dns_lookup_realm = false
2020 Sep 16
0
smbclient ignores configured kerberos ccache when using krb5-user on ubuntu/debian
I believe you are hitting multiple things.
1. a bug in smblcient involving that kerberos cache. I seen something passing by on this.
2. krb5.conf has to much in it, just not needed.
3. faulty smb.conf. Its incomplete.
But more comment below.
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Rowland penny via samba
> Verzonden:
2018 Apr 19
0
Share authentication problem
Ok, please post of both servers the smb.conf and tell the samba versions.
You have a misconfiguration in these.
> WARNING: The "idmap gid" option is deprecated
> WARNING: The "idmap uid" option is deprecated
^^^^^^^^^^^^^^^^^^^^^^^^^^^
> "idmap gid"="10000-20000"
> "idmap uid"="10000-20000"
You need something like this
2019 Feb 13
2
smbclient error talking to Netapp with SMB 3.11 / Samba 4.7.11
Hi Louis,
thanks for your reply.
-<| Quoting L.P.H. van Belle via samba <belle at bazuin.nl>, on Wednesday, 2019-02-13 04:59:55 PM |>-
>
> DOM.AIN\foobar's password:
> ^^^^^^^^
>
> No dot is allowed in the NTDOM
> Fix that first, then try again.
That’s the output when logon succeeds though nor does the value
seem to matter anywhere else. This is just Samba
2019 Feb 05
2
Unable to join to a SAMBA4 domain
Hi folks
I'm using samba 4.8.3 in CentOS client and samba 4.9.3 from Van Belle repos
on server
I cannot join to the domain as
net ads join -k -d 1
libnet_Join:
libnet_JoinCtx: struct libnet_JoinCtx
in: struct libnet_JoinCtx
dc_name : NULL
machine_name : 'TINY-FISHWIFE'
domain_name : *
2017 Aug 11
4
cannot join windows 7 samba4-ad-dc fresh install, get NT_STATUS_INTERNAL_ERROR
Hi,
I've changed /etc/resolv.conf, rebooted, here is the output:
cat /etc/resolv.conf
domain rona.loc
search rona.loc
nameserver 192.168.19.2
------
smbclient -L $(hostname -f) -UAdministrator%<password> -d5
INFO: Current debug levels:
all: 5
tdb: 5
printdrivers: 5
lanman: 5
smb: 5
rpc_parse: 5
rpc_srv: 5
rpc_cli: 5
passdb: 5
sam: 5
auth: 5
winbind: 5
vfs: 5