search for: spake_preauth_groups

...Here are the contents of the krb5.conf and smb.conf files: #----krb5.conf---- [libdefaults] default_realm = THIS.DOMAIN.COM dns_lookup_realm = true dns_lookup_kdc = true ticket_lifetime = 24h renew_lifetime = 7d kdc_timesync = 1 forwardable = true proxiable = true canonicalize = true rdns = false spake_preauth_groups = edwards25519 default_ccache_name = KEYRING:persistent:%{uid} #----krb5 end---- #----smb.conf---- [global] workgroup = DOMAIN netbios name = MACHINENAME logging = file log file = /var/log/samba/log.%m max log size = 1000 log level = 3 realm = THIS.DOMAIN.COM kerberos method = secrets and keytab c...

I know, and i have him the "samba" solution, because ... I dont know sssd also. And i dont get the fuss on samba+winbind or samba+sssd I have 3 services running minimal : samba winbind user-homes.automount Everything works as it should. I hope, and i'll add the note here also. NOTE ! My packages are NOT sssd compliant, you need to recompile SSSD yourselfs agains my samba

...t; > 1. a bug in smblcient involving that kerberos cache. I seen > something > passing by on this. > > 2. krb5.conf has to much in it, just not needed. > > 3. faulty smb.conf. Its incomplete. > > > > Krb5.conf remove the last 3 lines. > > "rdns = false, spake_preauth_groups = edwards25519, > default_ccache_name = > KEYRING:persistent:%{uid}" > > > > This is just a "faulty" smb.conf file. Where is the > "backend" definition > > > > I'd be interested in any additional information or sources you have > c...

...t_realm = THIS.DOMAIN.COM > > dns_lookup_realm = true > > dns_lookup_kdc = true > > ticket_lifetime = 24h > > renew_lifetime = 7d > > kdc_timesync = 1 > > forwardable = true > > proxiable = true > > canonicalize = true > > rdns = false > > spake_preauth_groups = edwards25519 > > default_ccache_name = KEYRING:persistent:%{uid} > > #----krb5 end---- This is just a "faulty" smb.conf file. Where is the "backend" definition https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member > > #----smb.conf---- &gt...

...8 00:00:45 krbtgt/MYDOMAIN.COM at MYDOMAIN.COM renew until 07/03/2018 14:00:41 ========== and configs: ========== # cat /etc/krb5.conf | grep -v -e '#' -e '^$' [libdefaults] default_realm = MYDOMAIN.COM dns_lookup_realm = false dns_lookup_kdc = true spake_preauth_groups = edwards25519 # cat /etc/samba/smb.conf | grep -v -e '#' -e '^$' [global] dns forwarder = 10.10.10.211 netbios name = DC1 realm = MYDOMAIN.COM server role = active directory domain controller workgroup = MYDOMAIN idmap_ldb:use...