Displaying 20 results from an estimated 300 matches similar to: "Win10 forcing NTLMSSP when KRB5 desired"
2016 Nov 05
2
Win10 forcing NTLMSSP when KRB5 desired
On Fri, Nov 4, 2016 at 6:24 PM, Jeremy Allison <jra at samba.org> wrote:
> On Thu, Nov 03, 2016 at 04:58:56PM +0000, J K via samba wrote:
> > Hi all,
> >
> > I've 4.5.1 Samba on a machine with SSSD 1.13.4 setup and joined with a
> > Windows Server 2012 domain. Everything works great for Windows 8.1 - I
> can
> > connect to the Samba share and get
2008 Aug 05
2
Leopard Macs using Kerberos: Failed to parse negTokenTarg
I think I've found out why MacOS 10.5.x (Leopard) clients are unable to
connect to Samba shares when authenticating with Kerberos. Basically,
the
Leopard Macs insert a few extra bytes (Padding and reqFlags,
according to
wireshark) into the security blob within the Session Setup AndX Request
packet, bytes whose start tag is 0xa1, in a spot where Samba's parser
expects 0xa2. The critical
2016 Nov 04
0
Win10 forcing NTLMSSP when KRB5 desired
On Thu, Nov 03, 2016 at 04:58:56PM +0000, J K via samba wrote:
> Hi all,
>
> I've 4.5.1 Samba on a machine with SSSD 1.13.4 setup and joined with a
> Windows Server 2012 domain. Everything works great for Windows 8.1 - I can
> connect to the Samba share and get authenticated as a domain user and files
> are created with the correct Windows domain username and group.
>
2009 Mar 19
2
Server 2008 and Samba 3.0.25b
Hi Folks -
I'm experiencing a very strange problem with Server 2008 machines (for
all intents and purposes related to Samba, it's Vista) connecting to a
Samba Server. The Samba machine is a RHEL4.6 machine running Samba
3.0.25b. I am joined to the mixed mode AD domain via the command "net
rpc join -U administrator <domain>". I am not using winbind or
kerberos. Or
2016 Nov 07
1
Win10 forcing NTLMSSP when KRB5 desired
Thanks for the direction Jeremy - the people of sssd-users are indeed good
and helpful people and have pointed me to the fix :) (see
https://lists.fedorahosted.org/archives/list/sssd-users at lists.fedorahosted.org/thread/UJJYWCIJL5AFGV3RACYCBFPHN3NMJMNY/
).
BTW, thanks for all your great contributions to Samba!
On Sat, Nov 5, 2016 at 4:54 PM, Jeremy Allison <jra at samba.org> wrote:
>
2018 Apr 19
4
Share authentication problem
Hi @ll !
I am trying to set up a samba fileserver in SuSe 42.3 as domain member
in a debian based Samba4 AD. The join seems to be ok, as I can get
/wbinfo -u/ and /-g/, and /getent group/ and /passwd/.
I can also list all browsable shares with /smbclient -L \\SambaFS
-Uusername/, but when i add -k, I get following errors :
/SPNEGO(gse_krb5) creating NEG_TOKEN_INIT for cifs/Samba1 failed
2018 Jun 30
2
DM 3.6.25 -> 4.x
additional note:
# kinit sgw
Password for sgw at customer.INTRA:
# smbclient \\\\u1customer\\IT -U sgw -k
SPNEGO(gse_krb5) creating NEG_TOKEN_INIT for cifs/u1customer failed
(next[(null)]): NT_STATUS_INVALID_PARAMETER
SPNEGO: Could not find a suitable mechtype in NEG_TOKEN_INIT
session setup failed: NT_STATUS_INVALID_PARAMETER
(krb5.conf already reduced to minimum, btw)
Does that point to
2020 Sep 15
4
smbclient ignores configured kerberos ccache when using krb5-user on ubuntu/debian
Hello all.
I'm encountering an issue where smbclient seemingly ignores the kerberos
ccache as configured in krb5.conf when using "krb5-user" as the kerberos
package and will instead always default to using "FILE:/tmp/krb5cc_uid".
I tested each valid default ccache name type but smbclient completely
ignores whatever is set as the "default_ccache_name" in the conf
2018 Jun 30
2
DM 3.6.25 -> 4.x
On Sat, 30 Jun 2018 21:02:57 +0200
"Stefan G. Weichinger via samba" <samba at lists.samba.org> wrote:
>
> additional:
>
> the krb5.conf from the former admin, I assume it could or should be
> boiled down:
> # cat /etc/krb5.conf
The standard one for Samba is just this:
[libdefaults]
default_realm = CUSTOMER.INTRA
dns_lookup_realm = false
2019 Feb 14
3
smbclient error talking to Netapp with SMB 3.11 / Samba 4.7.11
Hi Rowland,
-<| Quoting Rowland Penny via samba <rpenny at samba.org>, on Wednesday, 2019-02-13 05:01:19 PM |>-
> On Wed, 13 Feb 2019 17:16:21 +0100
> Philipp Gesang via samba <samba at lists.samba.org> wrote:
> > -<| Quoting L.P.H. van Belle via samba <belle at bazuin.nl>, on
> > Wednesday, 2019-02-13 04:59:55 PM |>-
> > >
2019 Feb 13
2
smbclient error talking to Netapp with SMB 3.11 / Samba 4.7.11
Hi Louis,
thanks for your reply.
-<| Quoting L.P.H. van Belle via samba <belle at bazuin.nl>, on Wednesday, 2019-02-13 04:59:55 PM |>-
>
> DOM.AIN\foobar's password:
> ^^^^^^^^
>
> No dot is allowed in the NTDOM
> Fix that first, then try again.
That’s the output when logon succeeds though nor does the value
seem to matter anywhere else. This is just Samba
2006 Aug 29
2
change password on 1st signon
Is there a way to enable user to change password on first signon?
2024 Oct 25
0
Could not find a suitable mechtype in NEG_TOKEN_INIT error in libsmbclient 4.19.4
>
>> Looking at the packet captures, when its working on libsmbclient 4.10,
>> it first sends a SMB1 negotiate protocol request, to which server
>> sends back a SMB2 response. Then there is a SMB2 negotiate protocol
>> request/response again.
>>
>> In 4.19, there is a SMB2 client negotiate protocol request
>> straightaway and to which the server
2024 Oct 25
0
Could not find a suitable mechtype in NEG_TOKEN_INIT error in libsmbclient 4.19.4
> gensec_spnego_client_negTokenInit_step: Could not find a suitable mechtype
> in NEG_TOKEN_INIT
Turns out that this error comes up when gnutls enforces fips mode.
Behaviour of gnutls when fips mode is enabled is different in Centos7 vs
Almalinux 9.4. With updated gnutls, samba fails when fips mode is enabled.
Workaround is to use the GNUTLS_FORCE_FIPS_MODE environment variable to
set/unset
2011 Apr 28
0
[squid-users] got NTLMSSP command 1, expected 3
Hello, Samba team .
my problem with users getting popup auth windows randomly while
surfing in Internet
I am getting this log in my cache.log
[2011/03/05 16:21:05, 1] libsmb/ntlmssp.c:335(ntlmssp_update)
got NTLMSSP command 1, expected 3
[2011/03/05 16:21:06, 1] libsmb/ntlmssp.c:335(ntlmssp_update)
got NTLMSSP command 1, expected 3
[2011/03/05 16:21:07, 1]
2004 Apr 22
1
Problems with ntlm_auth --helper-protocol=squid-2.5-ntlmssp
Hi Guys,
i've installed a Fedora Core 1 with samba 3 and squid 2.5 stable 3 (all
with redhat rpms).
Now i've joined our internal active directory and i see that "wbinfo -u",
"wbinfo -g" and "wbinfo -a user%password" works great.
ntlm_auth --helper-protocol=squid-2.5-basic works ok too but..
ntlm_auth --helper-protocol=squid-2.5-ntlmssp does respond only
2006 Feb 01
1
secure channel & ntlmssp in 3.0.21b
hello
Apparently something seems to be changed since 3.0.20b.
I have two servers: one domain PDC and one domain member server
On both servers I had set
server schannel = No
client schannel = No
I installed 3.0.21b and I could no longer make connections to shares
defined on the domain member server
When I tried to add another server to the domain I got this error
[root@ls-cc3-tst samba]# net
2006 May 02
1
Called NTLMSSP after state machine was 'done'
Hi !!
I am installing Squid-2.5 Stable 13, on a FedoraCore 5 x86_64 machine, doing
ntlm authentication through Samba 3.0.22, wich was installed via rpm.
Everything is working fine except that the browser every now and then asks
for the username and password.
I have done some basic samba tests, like wbinfo -t, wbinfo -u and wbinfo -g,
and everthing worked ok.
Looking at squid?s cache.log, I
2008 Aug 29
2
SPNEGO NTLMSSP failure
Hi,
The cifs client that I am working on is having some problem with SPNEGO/NTLMSSP. Session Setup AndX is failing in the last exchange of NTLMSSP. The error I am getting is 0xC00000D(STATUS_INVALID_PARAMETER). I am also seeing the following message in the log
"spnego_parse_auth(466) spnego_auth_parse failed at 7. "
I am using Heimdal library to generate SPNEGO/NTLMSSP messages.
I
2015 Dec 09
0
NTLMSSP NTLM2 packet check failed due to invalid signature
Am 09.12.2015 um 16:41 schrieb Carlos A. P. Cunha:
> hehehe
> Thank you for your attention.
> Know if you have a more "easy" to update the 4.3.0 -> 4.3.2 not be
> presented here.
>
> https://wiki.samba.org/index.php/Updating_Samba
>
> Application patch, exemple....
4.3.0 -> 4.3.2 don't need any special examples becaus eit is a *bugfix
only* minor