similar to: Samba 4 GSS server Update(krb5)(1) Update failed: Miscellaneous failure (see text): Decrypt integrity check failed

Hi I'm trying to get an Ubuntu 14.04 client to update its rr to a working bind dns DC with Samba 4.1.7. The setup is the same as with our openSUSE clients with sssd 1.11.15 sssd.conf id_provider = ad auth_provider = ad access_provider = ad ldap_id_mapping = False /etc/hosts 127.0.0.1 lubuntu-laptop.hh3.site lubuntu-laptop 127.0.1.1 localhost But it is sending a request for the wrong

Hi I'm trying to get an Ubuntu 14.04 client to update its rr to a working bind dns DC with Samba 4.1.7. The setup is the same as with our openSUSE clients with sssd 1.11.15 sssd.conf id_provider = ad auth_provider = ad access_provider = ad ldap_id_mapping = False /etc/hosts 127.0.0.1 lubuntu-laptop.hh3.site lubuntu-laptop 127.0.1.1 localhost But it is sending a request for the wrong

Hi everyone I'm trying to use kerberos to authenticate to Samba 4 ldap. At the moment, I authenticate by specifying the binddn and password in /etc/nslcd.conf and all works fine If I add the line: sasl_mech GSSAPI to /etc/nslcd.conf and restart nslcd, no one can connect to the database. Nothing works. ldapsearch and getent passwd draw a blank. ldapsearch -x -b '' -sbase

Hi I have Samba 4 installed and working. I recently changed FQDN to dns name hh3.hh3.site. It works OK and e.g. on a windows 7 box which joined the domain, users can logon. But I have a mess in the keytab: klist -k /etc/krb5.keytab Keytab name: WRFILE:/etc/krb5.keytab KVNO Principal ---- -------------------------------------------------------------------------- 2 HH3$@HH3.HH1.SITE 2

Samba 4.0.6 git both DC and fileserver with openSUSE 12.3 clients Hi I'm trying to debug why logins to Linux clients are sometimes slow. Here is a login with the user steve2 requesting his (automounted) home folder: ] Kerberos: TGS-REQ authtime: 2013-05-01T20:57:27 starttime: 2013-05-01T20:57:27 endtime: 2013-05-02T06:57:27 renew till: 2013-05-02T20:57:25 Kerberos: AS-REQ steve2 at HH3.SITE

cifs-utils-5.6 samba Version 4.0.0rc3 openSUSE 12.2 LAN of XP, w7 and Linux clients under Samba4 DC and s3fs fileserver Hi I am testing the possibility of migrating from nfs to cifs to serve our Linux clients. Currently we mount the samba shares, e.g. the home directory, using nfs. The test setup is that instead of: mount -t nfs hh1:/home2 /home2 -osec=rw,krb5 I changed to: mount -t cifs

Hi everyone Version 4.0.0alpha18-GIT-bfc7481 openSUSE 12.1 Conventional nfs4 export works fine, but I'm having trouble kerberizing it for Samba 4 for my Samba 4 users. I've setup the nfs4 pseudo stuff like this: hh3:/ # mkdir /export hh3:/ # mkdir /export/home hh3:/ # mount --bind /home /export/home Here is /etc/exports: /export

Hi everyone After almost 2 days up-time with Samba 4, it failed again. This time it simply will not restart. The krb5.conf had got corrupted. I replaced it with this one from /usr/local/samba/private /etc/krb5.conf [libdefaults] default_realm = HH3.SITE dns_lookup_realm = false dns_lookup_kdc = true It starts up OK: samba -i -d 3 lpcfg_load: refreshing parameters from

I made some progress with the issue, but didn't solve it completely It's basically a kind of bug (i'm not sure if it's on kerberos side or samba, I think samba is the culprit here (?). Microsoft uses kind of weird SPN for Hyper-V. Weird as there are "spaces" in the string - which is kind of unique as far as SPN's go, usually SPN form a complete string. So I kind

Hello, my fileserver (Debian and samba packages 4.2.14+dfsg-0+deb8u9) connected to an AD with one Windows DC and one Samba DC get every 10 seconds the following error: [2018/08/07 12:52:15.351515, 1] ../source3/librpc/crypto/gse.c:496(gse_get_server_auth_token) gss_accept_sec_context failed with [ Miscellaneous failure (see text): Decrypt integrity check failed] [2018/08/07 12:52:15.351565,

Hi, I have problem with GPO and dns/kerberos resolution I do a samba -i -d3 to a log file and started on client: gpupdate /force: lpcfg_load: refreshing parameters from /srv/samba/etc/smb.conf params.c:pm_process() - Processing configuration file "/srv/samba/etc/smb.conf" samba version 4.1.0rc2 started. Copyright Andrew Tridgell and the Samba Team 1992-2013 ... ldb_wrap open of

I found other problem in error log (samba -i -d 3) GSS server Update(krb5)(1) Update failed: Miscellaneous failure (see text): Failed to find ADMIN01$@CORMANDOM.INT-CORMAN.BE(kvno 3) in keytab FILE:/srv/samba/private/secrets.keytab (arcfour-hmac-md5) I sent a bug for my problems. best regards St?phane ----------------------------------- St?phane PURNELLE Admin.

Hi, I have problem with GPO and dns/kerberos resolution I do a samba -i -d3 to a log file and started on client: gpupdate /force: lpcfg_load: refreshing parameters from /srv/samba/etc/smb.conf params.c:pm_process() - Processing configuration file "/srv/samba/etc/smb.conf" samba version 4.1.0rc2 started. Copyright Andrew Tridgell and the Samba Team 1992-2013 GENSEC backend

What's the syntax? I've tried: samba-tool spn add nfs/HH3.SITE Administrator which seems to work, but where do I go from here? THanks, Steve

Hi, I have problem with GPO and dns/kerberos resolution I do a samba -i -d3 to a log file and started on client: gpupdate /force: lpcfg_load: refreshing parameters from /srv/samba/etc/smb.conf params.c:pm_process() - Processing configuration file "/srv/samba/etc/smb.conf" samba version 4.1.0rc2 started. Copyright Andrew Tridgell and the Samba Team 1992-2013 ... ldb_wrap open of

Hi everyone. I have a Linux nsupdate client sending dns update requests via sssd. Just gone from 4.1.2 to 4.1.3. I've done this: http://linuxcostablanca.blogspot.com.es/2013/09/samba4-bind9dlz-stale-dns-records-with.html After which the forward zone update is working fine: 2014-01-10T12:32:35.376142+01:00 hh16 named[4963]: samba_dlz: starting transaction on zone hh3.site

Hi openSUSE 12.1 server and client. I can't get the s4 fileserver nor uid:gid mappings working with s4. I used nfs and idmapd instead. It's working, but I've a couple of qns. 1. Server fqdn hh3.hh3.site Samba 4, DNS and NFS4 I set up the nfs server with GSSAPI as in this screenshot: http://2.bp.blogspot.com/-IspbLnfxizc/Txsp-Z1z1tI/AAAAAAAAADk/lsgel498elg/s1600/yastnfs1.png The nfs

After reviewing logs I found that my previous assumption was wrong. Situation: - i'm trying to start live migration from hyper-v host A (BMSRV4-HYPERV) to hyper-v host B (BM-SRV-5) from host B (logged in as user from DOMAIN ADMINS group). Kerberos constrained delegation is set in accordnance to microsoft instructions with proper SPN's set (well, proper as in with the workaround I

Hi After upgrading to Version 4.0.0alpha18-GIT-24ed8c5 on Ubuntu 11.10, Samba 4 no longer looks in the keytab for my nfs server entry: mount -t nfs4 foo bar --o sec=krb5 Kerberos: AS-REQ nfs/hh3.hh3.site at HH3.SITE from ipv4:192.168.1.3:53213 for krbtgt/HH3.SITE at HH3.SITE Kerberos: UNKNOWN -- nfs/hh3.hh3.site at HH3.SITE: no such entry found in hdb The nfs entry is in the keytab: klist -ke

Hi I know that this has been addressed before but I couldn't find a solution. Summary: when attempting to write a dns record using nsupdate, nothing gets written to the zone due to the error: ; TSIG error with server: tsig verify failure Everything is working. We can login to the domain from the same client and we have sssd sending the dyndns update requests which also produce the same