Displaying 20 results from an estimated 2000 matches similar to: "Samba 4 GSS server Update(krb5)(1) Update failed: Miscellaneous failure (see text): Decrypt integrity check failed"
2014 May 20
1
ddns failure on Ubuntu client
Hi
I'm trying to get an Ubuntu 14.04 client to update its rr to a working
bind dns DC with Samba 4.1.7. The setup is the same as with our openSUSE
clients with sssd 1.11.15
sssd.conf
id_provider = ad
auth_provider = ad
access_provider = ad
ldap_id_mapping = False
/etc/hosts
127.0.0.1 lubuntu-laptop.hh3.site lubuntu-laptop
127.0.1.1 localhost
But it is sending a request for the wrong
2014 May 20
2
Ubuntu client ddns failure
Hi
I'm trying to get an Ubuntu 14.04 client to update its rr to a working
bind dns DC with Samba 4.1.7. The setup is the same as with our openSUSE
clients with sssd 1.11.15
sssd.conf
id_provider = ad
auth_provider = ad
access_provider = ad
ldap_id_mapping = False
/etc/hosts
127.0.0.1 lubuntu-laptop.hh3.site lubuntu-laptop
127.0.1.1 localhost
But it is sending a request for the wrong
2012 Jan 17
1
Samba 4 and GSSAPI kerberos ldap connect
Hi everyone
I'm trying to use kerberos to authenticate to Samba 4 ldap. At the
moment, I authenticate by specifying the binddn and password in
/etc/nslcd.conf and all works fine
If I add the line:
sasl_mech GSSAPI
to /etc/nslcd.conf
and restart nslcd, no one can connect to the database. Nothing works.
ldapsearch and getent passwd draw a blank.
ldapsearch -x -b '' -sbase
2012 Jan 08
3
Samba 4 krb5.keytab confusion
Hi
I have Samba 4 installed and working. I recently changed FQDN to dns
name hh3.hh3.site. It works OK and e.g. on a windows 7 box which joined
the domain, users can logon. But I have a mess in the keytab:
klist -k /etc/krb5.keytab
Keytab name: WRFILE:/etc/krb5.keytab
KVNO Principal
----
--------------------------------------------------------------------------
2 HH3$@HH3.HH1.SITE
2
2013 May 01
0
slow automounted cifs
Samba 4.0.6 git both DC and fileserver with openSUSE 12.3 clients
Hi
I'm trying to debug why logins to Linux clients are sometimes slow. Here
is a login with the user steve2 requesting his (automounted) home folder:
]
Kerberos: TGS-REQ authtime: 2013-05-01T20:57:27 starttime:
2013-05-01T20:57:27 endtime: 2013-05-02T06:57:27 renew till:
2013-05-02T20:57:25
Kerberos: AS-REQ steve2 at HH3.SITE
2012 Oct 18
1
mount.cifs: regular freezes with s3fs
cifs-utils-5.6
samba Version 4.0.0rc3
openSUSE 12.2
LAN of XP, w7 and Linux clients under Samba4 DC and s3fs fileserver
Hi
I am testing the possibility of migrating from nfs to cifs to serve our
Linux clients.
Currently we mount the samba shares, e.g. the home directory, using nfs.
The test setup is that instead of:
mount -t nfs hh1:/home2 /home2 -osec=rw,krb5
I changed to:
mount -t cifs
2012 Jan 28
2
nfs4 with Samba 4
Hi everyone
Version 4.0.0alpha18-GIT-bfc7481
openSUSE 12.1
Conventional nfs4 export works fine, but I'm having trouble kerberizing
it for Samba 4 for my Samba 4 users.
I've setup the nfs4 pseudo stuff like this:
hh3:/ # mkdir /export
hh3:/ # mkdir /export/home
hh3:/ # mount --bind /home /export/home
Here is /etc/exports:
/export
2011 Dec 22
1
Samba 4 Kerberos: Failed to decrypt PA-DATA
Hi everyone
After almost 2 days up-time with Samba 4, it failed again. This time it
simply will not restart.
The krb5.conf had got corrupted. I replaced it with this one from
/usr/local/samba/private
/etc/krb5.conf
[libdefaults]
default_realm = HH3.SITE
dns_lookup_realm = false
dns_lookup_kdc = true
It starts up OK:
samba -i -d 3
lpcfg_load: refreshing parameters from
2017 Mar 18
2
kerberos issue (SPN not found) with windows Hyper-V ( samba 4.5.3 AD)
I made some progress with the issue, but didn't solve it completely
It's basically a kind of bug (i'm not sure if it's on kerberos side or
samba, I think samba is the culprit here (?).
Microsoft uses kind of weird SPN for Hyper-V. Weird as there are
"spaces" in the string - which is kind of unique as far as SPN's go,
usually SPN form a complete string.
So I kind
2018 Aug 07
0
gss_accept_sec_context failed with [ Miscellaneous failure (see text): Decrypt integrity check failed]
Hello,
my fileserver (Debian and samba packages 4.2.14+dfsg-0+deb8u9)
connected to an AD with one Windows DC and one Samba DC get every 10
seconds the following error:
[2018/08/07 12:52:15.351515, 1] ../source3/librpc/crypto/gse.c:496(gse_get_server_auth_token)
gss_accept_sec_context failed with [ Miscellaneous failure (see text): Decrypt integrity check failed]
[2018/08/07 12:52:15.351565,
2013 Sep 06
0
Problem with GPO and kerberos
Hi,
I have problem with GPO and dns/kerberos resolution
I do a samba -i -d3 to a log file and started on client: gpupdate /force:
lpcfg_load: refreshing parameters from /srv/samba/etc/smb.conf
params.c:pm_process() - Processing configuration file
"/srv/samba/etc/smb.conf"
samba version 4.1.0rc2 started.
Copyright Andrew Tridgell and the Samba Team 1992-2013
...
ldb_wrap open of
2013 Sep 10
0
Fw: Problem with kerberos and GPO
I found other problem in error log (samba -i -d 3)
GSS server Update(krb5)(1) Update failed: Miscellaneous failure (see
text): Failed to find ADMIN01$@CORMANDOM.INT-CORMAN.BE(kvno 3) in keytab
FILE:/srv/samba/private/secrets.keytab (arcfour-hmac-md5)
I sent a bug for my problems.
best regards
St?phane
-----------------------------------
St?phane PURNELLE Admin.
2013 Sep 06
0
Problem with GPO
Hi,
I have problem with GPO and dns/kerberos resolution
I do a samba -i -d3 to a log file and started on client: gpupdate /force:
lpcfg_load: refreshing parameters from /srv/samba/etc/smb.conf
params.c:pm_process() - Processing configuration file
"/srv/samba/etc/smb.conf"
samba version 4.1.0rc2 started.
Copyright Andrew Tridgell and the Samba Team 1992-2013
GENSEC backend
2011 Dec 31
1
Samba 4 howto add nfs to krb5.keytab
What's the syntax?
I've tried:
samba-tool spn add nfs/HH3.SITE Administrator
which seems to work, but where do I go from here?
THanks,
Steve
2013 Sep 06
1
Problem with kerberos and GPO
Hi,
I have problem with GPO and dns/kerberos resolution
I do a samba -i -d3 to a log file and started on client: gpupdate /force:
lpcfg_load: refreshing parameters from /srv/samba/etc/smb.conf
params.c:pm_process() - Processing configuration file
"/srv/samba/etc/smb.conf"
samba version 4.1.0rc2 started.
Copyright Andrew Tridgell and the Samba Team 1992-2013
...
ldb_wrap open of
2014 Jan 10
1
ddns update fails for reverse zone
Hi everyone.
I have a Linux nsupdate client sending dns update requests via sssd.
Just gone from 4.1.2 to 4.1.3. I've done this:
http://linuxcostablanca.blogspot.com.es/2013/09/samba4-bind9dlz-stale-dns-records-with.html
After which the forward zone update is working fine:
2014-01-10T12:32:35.376142+01:00 hh16 named[4963]: samba_dlz: starting
transaction on zone hh3.site
2012 Jan 25
0
samba 3 a 4 with kerberized nfs4
Hi
openSUSE 12.1 server and client.
I can't get the s4 fileserver nor uid:gid mappings working with s4. I
used nfs and idmapd instead. It's working, but I've a couple of qns.
1. Server fqdn hh3.hh3.site Samba 4, DNS and NFS4
I set up the nfs server with GSSAPI as in this screenshot:
http://2.bp.blogspot.com/-IspbLnfxizc/Txsp-Z1z1tI/AAAAAAAAADk/lsgel498elg/s1600/yastnfs1.png
The nfs
2017 Mar 18
0
kerberos issue (SPN not found) with windows Hyper-V ( samba 4.5.3 AD)
After reviewing logs I found that my previous assumption was wrong.
Situation: - i'm trying to start live migration from hyper-v host A
(BMSRV4-HYPERV) to hyper-v host B (BM-SRV-5) from host B (logged in as
user from DOMAIN ADMINS group).
Kerberos constrained delegation is set in accordnance to microsoft
instructions with proper SPN's set (well, proper as in with the
workaround I
2012 Feb 10
1
latest Samba 4 does not look in keytab
Hi
After upgrading to
Version 4.0.0alpha18-GIT-24ed8c5 on Ubuntu 11.10, Samba 4 no longer
looks in the keytab for my nfs server entry:
mount -t nfs4 foo bar --o sec=krb5
Kerberos: AS-REQ nfs/hh3.hh3.site at HH3.SITE from ipv4:192.168.1.3:53213
for krbtgt/HH3.SITE at HH3.SITE
Kerberos: UNKNOWN -- nfs/hh3.hh3.site at HH3.SITE: no such entry found in hdb
The nfs entry is in the keytab:
klist -ke
2013 May 11
1
S4 nsupdate tsig error with internal server
Hi
I know that this has been addressed before but I couldn't find a
solution. Summary: when attempting to write a dns record using nsupdate,
nothing gets written to the zone due to the error:
; TSIG error with server: tsig verify failure
Everything is working. We can login to the domain from the same client
and we have sssd sending the dyndns update requests which also produce
the same