Displaying 2 results from an estimated 2 matches for "nt_status_bad_token_type".
2023 Apr 13
4
Is LDAP + Kerberos without Active Directory no longer supported?
...installing libpam-winbind etc I had someone try to connect from
a MacOS and they got:
[2023/04/13 15:50:50.002773,? 1]
../../source3/auth/auth_generic.c:211(auth3_generate_session_info_pac)
? auth3_generate_session_info_pac: Unexpected PAC for
[testuser at OURREALM.REALM] in standalone mode - NT_STATUS_BAD_TOKEN_TYPE
[2023/04/13 15:50:50.002891,? 3]
../../source3/smbd/smb2_server.c:3961(smbd_smb2_request_error_ex)
? smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1]
status[NT_STATUS_BAD_TOKEN_TYPE] || at
../../source3/smbd/smb2_sesssetup.c:147
[2023/04/13 15:50:59.914944,? 3]
../../source3/smbd...
2023 Apr 13
3
Is LDAP + Kerberos without Active Directory no longer supported?
I have a server that runs stand-alone with an LDAP directory and a KDC .
The linux machines have sssd to allow unified users etc. The clients are
mostly MacOS and Windows machines that aren't part of an AD.
This config has worked for 15 years, but after upgrading Debian and
bringing in Samba Version 4.17.7-Debian it seems to be broken.
I believe this is related to: