Displaying 17 results from an estimated 17 matches for "supported_enctypes".
2005 Oct 26
2
ADS + Samba
.../kadm5.keytab
acl_file = /etc/krb5kdc/kadm5.acl
dict_file = /etc/krb5kdc/kadm5.dict
key_stash_file = /etc/krb5kdc/.k5.EXAMPLE.COM
kadmind_port = 749
max_life = 10h 0m 0s
max_renewable_life = 7d 0h 0m 0s
master_key_type = des3-hmac-sha1
supported_enctypes = des3-hmac-sha1:normal des-cbc-crc:normal
}
2015 Feb 13
2
Question re kerberos . . .
...cipal
admin_keytab = FILE:/etc/krb5kdc/kadm5.keytab
acl_file = /etc/krb5kdc/kadm5.acl
key_stash_file = /etc/krb5kdc/stash
kdc_ports = 750,88
max_life = 10h 0m 0s
max_renewable_life = 7d 0h 0m 0s
master_key_type = des3-hmac-sha1
supported_enctypes = aes256-cts:normal arcfour-hmac:normal
des3-hmac-sha1:normal des-cbc-crc:normal des:normal des:v4 des:norealm
des:onlyrealm des:afs3
default_principal_flags = +preauth
}
That is exactly as 'kdc.conf' was configured when I installed 'krb5-kdc'
& 'krb5-admin...
2013 Sep 24
2
delete kerberos databases and start over
...dmin_keytab = FILE:/usr/local/samba/private/.keytab
acl_file = /etc/krb5kdc/kadm5.acl
keys_stash_file = /etc/krb5kdc/stash
kdc_ports = 750,88
max_life = 9107d 5h 0m 0s
max_renewable_life = 9300d 0h 0m 0s
master_key_type = des3-hmac-sha1
supported_enctypes = aes256-cts:normal arcfour-hmac:normal
des3-hmac-sha 1:normal des-cbc-crc:normal des:normal des:v4 des:norealm
des:onlyrealm des:afs3
}
I would appreciate any help you could give. As I said, I'm not
interested in knowing why. This box is my print server and I need it!
-thanks!
-jimc...
2014 Aug 26
2
Failed to join domain: failed to join domain 'XXX.YYY' over rpc: Access denied
.../krb5kdc/kdc.conf :
--------------------------------
[kdcdefaults]
kdc_ports = 88
kdc_tcp_ports = 88
[realms]
XXX.YYY= {
#master_key_type = aes256-cts
acl_file = /var/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
supported_enctypes = aes256-cts:normal aes128-cts:normal
des3-hmac-sha1:normal arcfour-hmac:normal des-hmac-sha1:normal
des-cbc-md5:normal des-cbc-crc:normal
}
Then :
------
# kinit administrateur at XXX.YYY
Password for administrateur at XXX.YYY:
# kdb5_util create -s
Loading random data
Initializing database...
2005 Feb 16
1
RedHat+Samba+Winbind to ADS
...default_realm = TEST.COM
dns_lookup_realm = false
dns_lookup_kdc = false
kdc_timesync = 1
forwardable = true
proxiable = true
default_tgs_enctypes = des-cbc-crc
default_tkt_enctypes = des-cbc-crc
permitted_enctypes = des-cbc-crc
[realms]
CIKAUTXO.ES ={
master_key_type = des-cbc-crc
supported_enctypes = des-cbc-crc
kdc = PDC
admin_server = PDC
default_domain = TEST
}
[domain_realm]
.test.com = TEST.COM
test.com = TEST.COM
-------------krb5.conf-------------------------------
Choosing other enctypes in some params (default_tkt_enctypes
default_tgs_enctypes ) give me the same error as ab...
2005 Jan 12
1
URGENT winbind - New DOMAIN but old DOMAIN not CHANGING - Resent
...over.
I kdestroyed the ticket and recreated it, but no luck
kdc.conf
[kdcdefaults]
kdc_ports = 88
acl_file = /etc/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
admin_keytab = /etc/kerberos/krb5kdc/kadm5.keytab
[realms]
ADMIN.SJC = {
master_key_type = des3-cbc-sha1
supported_enctypes = des3-cbc-sha1:normal des-cbc-crc:normal
des-cbc-crc:v4 des-cbc-crc:afs3
profile = /etc/krb5.conf
database_name = /etc/kerberos/krb5kdc/principal
admin_database_name = /etc/kerberos/krb5kdc/kadm5_adb
admin_database_lockfile = /etc/kerberos/krb5kdc/kadm5_adb.lock
admin_keytab = FILE:...
2014 May 09
1
samba4 : [kerberos part kinit work but no kpasswd
...alms
??????? kdc_timesync = 1
??????? ccache_type = 4
??????? forwardable = true
??????? proxiable = true
default_tgs_enctypes = arcfour-hmac-md5 des-cbc-crc des-cbc-md5
default_tkt_enctypes = arcfour-hmac-md5 des-cbc-crc des-cbc-md5
permitted_enctypes = arcfour-hmac-md5 des-cbc-crc des-cbc-md5
supported_enctypes = aes256-cts:normal arcfour-hmac:normal des3-hmac-sha1:normal des-cbc-crc:normal des-cbc-crc:v4 des3-hmac-sha1 arcfour-hmac-md5 des-cbc-crc des-cbc-md5
?
????? v4_instance_resolve = false
??????? v4_name_convert = {
??????????????? host = {
??????????????????????? rcmd = host
????????????????????...
2004 Jul 29
2
2003 KDC and Samba
..._convert = false
*****************************
kdc.conf
*********
[kdcdefaults]
acl_file = /var/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
v4_mode = nopreauth
[realms]
USAF.AFMC.DS.AF.MIL = {
master_key_type = des-cbc-crc
supported_enctypes = des3-cbc-sha1:normal des3-cbc-sha1:norealm
des3-cbc-sha1:onlyrealm des-cbc-crc:v4 des-cbc-crc:afs3 des-cbc-crc:normal
des-cbc-crc:norealm des-cbc-crc:onlyrealm des-cbc-md4:v4 des-cbc-md4:afs3
des-cbc-md4:normal des-cbc-md4:norealm des-cbc-md4:onlyrealm des-cbc-md5:v4
des-cbc-md5:afs3 des-cbc-md5:...
2006 Jun 14
0
net ads join's generated keytab and solaris
...rocess works.
If I run something like "kinit -k host/mundi@TESTAUTH.NETWORK" I get a
preauthentication failed message. If insted of the mundi I make that fully
quallified I get the client not found in kerberos database error.
I should also mention in order to get this far I had to add supported_enctypes
= des-cbc-md5 and various other lines to krb5.conf to only allow that encoding
as solaris does not allow many types. This successfuly limited my keytab down
to only those enc types. I also added to smb.conf use kerberos keytab = yes,
to have a unified system domain join, ie ssh and samba would...
2014 Aug 26
0
Fwd: Re: Failed to join domain: failed to join domain 'XXX.YYY' over rpc: Access denied
...88
>> kdc_tcp_ports = 88
>>
>> [realms]
>> XXX.YYY= {
>> #master_key_type = aes256-cts
>> acl_file = /var/kerberos/krb5kdc/kadm5.acl
>> dict_file = /usr/share/dict/words
>> admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
>> supported_enctypes = aes256-cts:normal aes128-cts:normal
>> des3-hmac-sha1:normal arcfour-hmac:normal des-hmac-sha1:normal
>> des-cbc-md5:normal des-cbc-crc:normal
>> }
>>
>> Then :
>> ------
>>
>> # kinit administrateur at XXX.YYY
>> Password for administrate...
2005 Jan 12
0
winbind - New DOMAIN but old DOMAIN not CHANGING .URGENT
...lm left over.
I kdestroyed the ticket and recreated it, but no luck
kdc.conf
[kdcdefaults]
kdc_ports = 88
acl_file = /etc/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
admin_keytab = /etc/kerberos/krb5kdc/kadm5.keytab
[realms]
ADMIN.SJC = {
master_key_type = des3-cbc-sha1
supported_enctypes = des3-cbc-sha1:normal des-cbc-crc:normal
des-cbc-crc:v4 des-cbc-crc:afs3
profile = /etc/krb5.conf
database_name = /etc/kerberos/krb5kdc/principal
admin_database_name = /etc/kerberos/krb5kdc/kadm5_adb
admin_database_lockfile = /etc/kerberos/krb5kdc/kadm5_adb.lock
admin_keytab = FILE:/etc...
2015 Feb 13
0
Question re kerberos . . .
...l_file = /etc/krb5kdc/kadm5.acl
>>> key_stash_file = /etc/krb5kdc/stash
>>> kdc_ports = 750,88
>>> max_life = 10h 0m 0s
>>> max_renewable_life = 7d 0h 0m 0s
>>> master_key_type = des3-hmac-sha1
>>> supported_enctypes = aes256-cts:normal arcfour-hmac:normal
>>> des3-hmac-sha1:normal des-cbc-crc:normal des:normal des:v4
>>> des:norealm des:onlyrealm des:afs3
>>> default_principal_flags = +preauth
>>> }
>>>
>>> That is exactly as 'kdc.conf'...
2004 Jun 17
0
failed login, NT_STATUS_PASSWORD_MUST_CHANGE
...newable = true
krb4_convert = false
#/var/heimdal/kdc.conf
[kdcdefaults]
kdc_ports = 88
[realms]
TEST.LOCAL = {
kadmind_port = 749
max_life = 10h 0m 0s
max_renewable_life = 7d 0h 0m 0s
master_key_type = des-cbc-crc
supported_enctypes = des-cbc-crc:normal
}
[logging]
kdc = FILE:/var/log/kdc.log
admin_server = FILE:/var/log/kadmin.log
#/etc/pam.d/login
#%PAM-1.0
auth required pam_securetty.so
auth required pam_env.so
auth sufficient pam_unix2.so nullok #set_secrpc
auth sufficient pam_wi...
2006 Jun 20
0
Unable to join AD
...= false
}
[root@desarrollo ~]# cat /var/kerberos/krb5kdc/kdc.conf
[kdcdefaults]
acl_file = /var/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
v4_mode = nopreauth
[realms]
OUR.DOMAIN.COM = {
master_key_type = des-cbc-crc
supported_enctypes = des3-hmac-sha1:normal arcfour-hmac:normal
des-hmac-sha1:normal des-cbc-md5:normal des-cbc-crc:normal
des-cbc-crc:v4 des-cbc-crc:afs3
}
And the output of kinit and klist:
[root@desarrollo ~]# kinit Administrador@OUR.DOMAIN.COM
Password for Administrador@OUR.DOMAIN.COM:
[root@desarrollo ~]#...
2014 May 09
0
(no subject)
...alms
??????? kdc_timesync = 1
??????? ccache_type = 4
??????? forwardable = true
??????? proxiable = true
default_tgs_enctypes = arcfour-hmac-md5 des-cbc-crc des-cbc-md5
default_tkt_enctypes = arcfour-hmac-md5 des-cbc-crc des-cbc-md5
permitted_enctypes = arcfour-hmac-md5 des-cbc-crc des-cbc-md5
supported_enctypes = aes256-cts:normal arcfour-hmac:normal des3-hmac-sha1:normal des-cbc-crc:normal des-cbc-crc:v4 des3-hmac-sha1 arcfour-hmac-md5 des-cbc-crc des-cbc-md5
?
????? v4_instance_resolve = false
??????? v4_name_convert = {
??????????????? host = {
??????????????????????? rcmd = host
????????????????????...
2009 Mar 11
1
Samba PDC - Kerberised CIFS access
...ofsedutsm ~]# cat /var/kerberos/krb5kdc/kdc.conf
[kdcdefaults]
v4_mode = nopreauth
kdc_tcp_ports = 88
[realms]
SONAS.COM = {
#master_key_type = des3-hmac-sha1
acl_file = /var/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
supported_enctypes = des3-hmac-sha1:normal arcfour-hmac:normal
des-hmac-sha1:normal des-cbc-md5:normal des-cbc-crc:normal des-cbc-crc:v4
des-cbc-crc:afs3
}
[root@sofsedun3 ~]# cat /etc/krb5.conf
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind....
2007 May 25
0
Sometimes PC can not find network path
...optional /lib/security/$ISA/pam_krb5.so
*******kdc.conf************
[kdcdefaults]
acl_file = /var/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
v4_mode = nopreauth
[realms]
AVISION.COM.CN = { master_key_type = des-cbc-crc
supported_enctypes = arcfour-hmac:normal arcfour-hmac:norealm
arcfour-hmac:onlyrealm des3-hmac-sha1:normal des-hmac-sha1:normal
des-cbc-md5:normal des-cbc-crc:normal des-cbc-crc:v4 des-cbc-crc:afs3
}
********a part of samba log about one client pc*************
[2007/04/28 08:48:57, 1] smbd/service.c:make_connection_...