similar to: Windows AD report KRB5KDC_ERR_ETYPE_NOSUPP when client request AES ticket

Hi, In function auth3_check_password of file source3/auth/auth_ntlmssp.c, it load smb.conf by lp_load_with_shares(get_dyn_CONFIGFILE());. I am wondering why it is needed since smbd has load config before and it hurts the performance when smb.conf is large. Thanks, Haihua

Hi, I am testing Google's recent ability to integrate Chromebooks into AD and it's failing when I try to join the device to the domain. When I run wireshark during the test I notice 2 TGS-REQs from the device that are answered with KRB5KDC_ERR_ETYPE_NOSUPP. The Chromebook is only passing AES256-cts-hmac-sha1-96 and AES128-cts-hmac-sha1-96 as enc types. I was getting the same result from

I ran both scripts last night and was able to get the Chromebook to join the domain this morning. Thanks, Achim! For posterity's sake, I should mention that I changed the user's password when I enabled AES on their Account tab, in ADUC. Thanks, Mike On Wed, Dec 27, 2017 at 9:52 AM, Achim Gottinger via samba < samba at lists.samba.org> wrote: > Hello Mike, > > Can be you

Hello Mike, Can be you need to recreate the machine and tgt password on yout server so it adds the aes enc types for these after raising the functional domai level. The required scripts can be found in tthe samba sources in /source4/scripting/devel/ Use chdcpass for the machine-account and chgkrbtgtpass for the tgt account. I did this on an single addc server a while back and had no issues.

Dear all, this is using debian stretch and Louis' 4.8.11 packages. I am trying to export a keytab, and even for a UPN, samba does not export the AES keys. What could be the mistake? root at dc2:~# net ads enctypes list dns-dc2 'dns-dc2' uses "msDS-SupportedEncryptionTypes": 31 (0x0000001f) [X] 0x00000001 DES-CBC-CRC [X] 0x00000002 DES-CBC-MD5 [X] 0x00000004 RC4-HMAC [X]

Am 16.09.2016 um 22:00 schrieb Robert Moulton via samba: > Achim Gottinger via samba wrote on 9/15/16 1:20 AM: >> >> >> Am 15.09.2016 um 09:35 schrieb Rowland Penny via samba: >>> On Wed, 14 Sep 2016 16:23:27 -0500 >>> Michael A Weber via samba <samba at lists.samba.org> wrote: >>> >>>>> On Sep 14, 2016, at 2:00 PM, Achim

Am 15.09.2016 um 09:35 schrieb Rowland Penny via samba: > On Wed, 14 Sep 2016 16:23:27 -0500 > Michael A Weber via samba <samba at lists.samba.org> wrote: > >>> On Sep 14, 2016, at 2:00 PM, Achim Gottinger <achim at ag-web.biz> >>> wrote: >>> >>> >>> >>> Am 14.09.2016 um 20:33 schrieb Michael A Weber: >>>>>

Am 16.09.2016 um 22:49 schrieb Rowland Penny via samba: > On Fri, 16 Sep 2016 22:43:42 +0200 > Achim Gottinger via samba <samba at lists.samba.org> wrote: > >> >> Am 16.09.2016 um 22:00 schrieb Robert Moulton via samba: >>> Achim Gottinger via samba wrote on 9/15/16 1:20 AM: >>>> >>>> Am 15.09.2016 um 09:35 schrieb Rowland Penny via

On Fri, 16 Sep 2016 13:00:52 -0700 Robert Moulton via samba <samba at lists.samba.org> wrote: > Achim Gottinger via samba wrote on 9/15/16 1:20 AM: > > > > > > Am 15.09.2016 um 09:35 schrieb Rowland Penny via samba: > >> On Wed, 14 Sep 2016 16:23:27 -0500 > >> Michael A Weber via samba <samba at lists.samba.org> wrote: > >> >

Am 16.09.2016 um 22:54 schrieb Robert Moulton via samba: > Achim Gottinger via samba wrote on 9/16/16 1:43 PM: >> >> >> Am 16.09.2016 um 22:00 schrieb Robert Moulton via samba: >>> Achim Gottinger via samba wrote on 9/15/16 1:20 AM: >>>> >>>> >>>> Am 15.09.2016 um 09:35 schrieb Rowland Penny via samba: >>>>> On Wed,

Am 16.09.2016 um 23:00 schrieb Robert Moulton via samba: > Rowland Penny via samba wrote on 9/16/16 1:43 PM: >> On Fri, 16 Sep 2016 13:00:52 -0700 >> Robert Moulton via samba <samba at lists.samba.org> wrote: >> >>> Achim Gottinger via samba wrote on 9/15/16 1:20 AM: >>>> >>>> >>>> Am 15.09.2016 um 09:35 schrieb Rowland Penny

Am 17.09.2016 um 00:29 schrieb Robert Moulton via samba: > Achim Gottinger via samba wrote on 9/16/16 3:05 PM: >> >> >> Am 16.09.2016 um 23:00 schrieb Robert Moulton via samba: >>> Rowland Penny via samba wrote on 9/16/16 1:43 PM: >>>> On Fri, 16 Sep 2016 13:00:52 -0700 >>>> Robert Moulton via samba <samba at lists.samba.org> wrote:

Achim Gottinger via samba wrote on 9/16/16 4:14 PM: > > > Am 17.09.2016 um 00:54 schrieb Achim Gottinger via samba: >> >> >> Am 17.09.2016 um 00:29 schrieb Robert Moulton via samba: >>> Achim Gottinger via samba wrote on 9/16/16 3:05 PM: >>>> >>>> >>>> Am 16.09.2016 um 23:00 schrieb Robert Moulton via samba:

> On Sep 14, 2016, at 12:23 PM, Achim Gottinger via samba <samba at lists.samba.org> wrote: > > > > Am 14.09.2016 um 18:23 schrieb Michael A Weber: >> Question though, just for my curiosity: >> >> The encryption algorithms specified after each SPN: I see that aes-256 is listed when I export the user, but not the SPN. Are those expected, or have I done

> On Sep 14, 2016, at 1:10 PM, Achim Gottinger <achim at ag-web.biz> wrote: > > > > Am 14.09.2016 um 19:53 schrieb Michael A Weber: >> >>> On Sep 14, 2016, at 12:23 PM, Achim Gottinger via samba <samba at lists.samba.org <mailto:samba at lists.samba.org>> wrote: >>> >>> >>> >>> Am 14.09.2016 um 18:23 schrieb

> On Sep 14, 2016, at 2:00 PM, Achim Gottinger <achim at ag-web.biz> wrote: > > > > Am 14.09.2016 um 20:33 schrieb Michael A Weber: >> >>> On Sep 14, 2016, at 1:10 PM, Achim Gottinger <achim at ag-web.biz <mailto:achim at ag-web.biz>> wrote: >>> >>> >>> >>> Am 14.09.2016 um 19:53 schrieb Michael A Weber:

Am 17.09.2016 um 02:19 schrieb Achim Gottinger via samba: > > > Am 17.09.2016 um 01:23 schrieb Robert Moulton: >> Achim Gottinger via samba wrote on 9/16/16 4:14 PM: >>> >>> >>> Am 17.09.2016 um 00:54 schrieb Achim Gottinger via samba: >>>> >>>> >>>> Am 17.09.2016 um 00:29 schrieb Robert Moulton via samba:

On Fri, Sep 16, 2016 at 6:08 PM, Achim Gottinger via samba <samba at lists.samba.org> wrote: > > > Am 17.09.2016 um 02:36 schrieb Achim Gottinger via samba: >> >> >> >> Am 17.09.2016 um 02:19 schrieb Achim Gottinger via samba: >>> >>> >>> >>> Am 17.09.2016 um 01:23 schrieb Robert Moulton: >>>> >>>>

Am 17.09.2016 um 04:53 schrieb Achim Gottinger via samba: > > > Am 17.09.2016 um 03:24 schrieb r moulton via samba: >> On Fri, Sep 16, 2016 at 6:08 PM, Achim Gottinger via samba >> <samba at lists.samba.org> wrote: >>> >>> Am 17.09.2016 um 02:36 schrieb Achim Gottinger via samba: >>>> >>>> >>>> Am 17.09.2016 um 02:19

Am 17.09.2016 um 17:07 schrieb Achim Gottinger via samba: > > > Am 17.09.2016 um 06:14 schrieb Achim Gottinger via samba: >> >> >> Am 17.09.2016 um 04:53 schrieb Achim Gottinger via samba: >>> >>> >>> Am 17.09.2016 um 03:24 schrieb r moulton via samba: >>>> On Fri, Sep 16, 2016 at 6:08 PM, Achim Gottinger via samba >>>>