Displaying 20 results from an estimated 5000 matches similar to: "krb5.conf & kdc=, explicit vs automatic"
2008 Feb 27
1
krb5.conf file in /var/lib/samba/smb_krb5; Samba 3.0.27a
Hello list,
I've upgraded from Samba 3.0.14a to 3.0.27a (Samba is a domain member of a
W2k3 native AD) and I see that in the /var/lib/samba/smb_krb5 directory a
krb5.conf file is created.
Is this krb5.conf file extracted from my original /etc/krb5.conf? Or is this
file created from the "password server =" entry in my smb.conf file?
My original /etc/krb5.conf contains the DC's in
2009 Dec 14
0
samba caching a broken krb5.conf.NETBIOSDOMAINNAME
i am in a mixed win2000 and win2003 R1 ActiveDirectory environment.
Have always had ntlmv2 server and client required. LM and NTLM have
always been rejected. That is how it has been for 10 years.
Mounting from CentOS 5 to the windows servers has not been an issue
for years. However, using ADS credentials for Linux workstation
logons has always been a issue. If using ADS credentials to logon
2009 Mar 06
0
krb5.conf in /var/lib/samba/smb_krb5 very different from original
Hi all !
I have some problems browsing a samba share from a Canon ImageRunner printer.
It tries to write to a share located on a samba server, configured to authenticate users against a windows 2003 Active directory.
Samba version 3.2.6 is running on opensuse 11.1.
After a lot of search, I tought that maybe it did not support the encryption type requested by my Samba server, so I checked my
2015 Aug 14
1
winbind_krb5_locator usage
Just a question.
Did you create this server on site a and the moved it to site b?
>-----Oorspronkelijk bericht-----
>Van: samba [mailto:samba-bounces at lists.samba.org] Namens Felix
>Matouschek
>Verzonden: vrijdag 14 augustus 2015 8:58
>Aan: samba at lists.samba.org
>Onderwerp: Re: [Samba] winbind_krb5_locator usage
>
>Hello,
>
>i investigated further and
2015 Aug 13
0
winbind_krb5_locator usage
Hi Rowland,
/var/run/samba/smb_krb5 does not exist.
However /var/cache/samba/smb_krb5 exists, there is a file named "krb5.conf.INTRANET".
Contents:
[libdefaults]
default_realm = INTRANET.VIPCO.DE
default_tgs_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 RC4-HMAC DES-CBC-CRC DES-CBC-MD5
default_tkt_enctypes = aes256-cts-hmac-sha1-96
2023 Jun 18
2
Failed to convert SID to a UID
On 18/06/2023 16:29, Dale Renton via samba wrote:
> On Sat, Jun 10, 2023 at 1:49?PM Rowland Penny via samba <
> samba at lists.samba.org> wrote:
>> Dale, just checking back on what you posted earlier and you had:
>>
>> create krb5 conf = no
>>
>> in your smb.conf
>>
>> Is that line still there ?
>> If so, try removing it.
>>
2006 Feb 01
1
ADS and samba domain member: ads_connect: Cannot resolve network address for KDC in requested realm
Hello,
I am having a problem getting my server to join our realm as a domain
member server. I have read through google, yahoo, and this list, but I
cannot find the answer yet.
When I run: net join ads -Uadministrator and try to login it gives the
following error:
kerberos_kinit_password Administrator@MYREALM.COM failed: Cannot
resolve network address for KDC in requested realm
2010 Dec 06
0
Add options to /var/run/samba/smb_krb5/krb5.conf_DOMAIN?
Hi,
Are there any way to add options to /var/run/samba/smb_krb5/krb5.conf_DOMAIN?
I need to add udp_preference_limit and maybe have a better control on which kdc's are used.
Best regards
Emil Assarsson
Sony Ericsson Mobile Communications AB
"The information in this email, and attachment(s) thereto, is strictly confidential and may be legally privileged. It is intended solely for the
2013 Apr 03
0
/var/samba/locks/smb_krb5/krb5.conf.DOM
All,
I am running Solaris 10 and Samba 3.6.6. We use intelligent DNS and have more than 10 ADs. In /etc/krb5/krb5.conf I configure kdc and admin_server to point to the IDNS server so any one of our functioning ADs can be used dynamically. I've noticed that /var/samba/locks/smb_krb5/krb5.conf.DOM get created when net ads join is run. I've also noticed that the kdc is set to an IP address
2006 Feb 01
0
Fwd: ADS and samba domain member: ads_connect: Cannot resolve network address for KDC in requested realm
I forgot the smb.conf file:
[global]
workgroup = MYDOMAIN
netbios name = svcanimp
socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind gid = 10000-20000
os level = 20
winbind enum groups = yes
winbind separator = /
2009 May 15
2
krb5 configuration generation
Hi,
Is there any way to stop Samba regenerating the krb5.conf.[WORKGROUP] file under /var/lib/samba/smb_krb5 every time?
It appears to completely ignore /etc/krb5.conf, is this expected?
Kernel: Linux localhost 2.6.16.60-0.37_f594963d-smp #1 SMP Mon Mar 23 13:39:48 UTC 2009 x86_64 x86_64 x86_64 GNU/Linux
smbd -V: Version 3.0.32-0.8-2045-SUSE-CODE10
Thanks,
Alex
2023 Dec 04
1
Samba internal DNS client, large replies and TC bit
Hi!
We had a painful debugging session today, with a samba AS member server
not being able to auth users anymore.
The issue seems to be due to defect in samba internal DNS resolution as
done in winbind.
TL;DR: samba internal DNS client should not rely on UDP-only DNS, but
should retry using TCP if TC bit is set in answer. There's a real-life
issue with this simplistic DNS implementation.
2016 Jul 18
0
samba 4.4.5 DC with bind9: DNS update failing with NOTAUTH
Am 18.07.2016 um 11:45 schrieb Norbert Hanke:
> On 18.07.2016 01:52, Achim Gottinger wrote:
>>
>>
>> Am 18.07.2016 um 01:02 schrieb Norbert Hanke:
>>> Hello,
>>>
>>> I'm trying to join a samba 4 DC to an already existing samba 4 DC,
>>> both with BIND9_DLZ. Samba is at version 4.4.5, bind is version
>>> 9.10.4-P1, all brand
2016 Jul 18
0
samba 4.4.5 DC with bind9: DNS update failing with NOTAUTH
On 18/07/16 22:31, Norbert Hanke wrote:
> On 18.07.2016 22:48, Achim Gottinger wrote:
>>
>>
>> Am 18.07.2016 um 11:45 schrieb Norbert Hanke:
>>> On 18.07.2016 01:52, Achim Gottinger wrote:
>>>>
>>>>
>>>> Am 18.07.2016 um 01:02 schrieb Norbert Hanke:
>>>>> Hello,
>>>>>
>>>>> I'm trying
2006 Feb 01
4
ADS and samba domain member: ads_connect: Cannot resolve network address for KDC in requ
Thanks,
Unfortunately, I still got the same error. I may be wrong, but it is
like it does the automatic lookup process of kdc instead of using the
krb5.conf file. However, as per my note below, if I do add bad config
info to the krb5.conf, it does complain.
David
David Shapiro
Unix Team Lead
919-765-2011
>>> Dimitri Yioulos <dyioulos@firstbhph.com> 2/1/2006 10:15:49 AM
2017 Jan 26
2
Samba AD/DC Sync To Windows DC Failures
I just added a window server 2008 r2 to be a backup DC for our samba 4.4.5
AD/DC but I am getting an error when trying to manually sync samba to the
windows server.
I used the link on the wiki site to make the initial sync, which worked
great
ยง
<https://wiki.samba.org/index.php/Joining_a_Windows_Server_2008_/_2008_R2_
DC_to_a_Samba_AD> Joining a Windows Server 2008 / 2008 R2 DC to a
2007 Mar 04
1
net ads join to w2k3 hangs, every encryption type fails
I am able to get a kerberos ticket with kinit. When I try to net ads join, it seems to loop. In running net ads join in -d 10,
I found that it tries enctypes 18,17,16,and 2 and then repeats, over and over. It does not seem to work on any of these. I'm
trying to get it to join a win2k3 domain. Below is the bottom part of the log from net ads join, as well as some of my
krb5.conf. Any
2016 Dec 11
0
Samba 4.51 Solaris 11 AD client
If I add
winbind rpc only = Yes
to smb.conf file then "wbinfo -u" will list users in the current domain. It
won't list users in any trusted domains (including domains in the same
forest.) This indicates that the domain is having some issue retrieving
user names via LDAP.
The forest is 2008 function level. The domain was 2003 functional level
but I just raised that
2017 Nov 01
5
kerberos + winbind + AD authentication for samba 4 domain member
Hello,
Thank You for fast response. I'm glad that it's a mistake somewhere on
my side, it means it will work when I fix it :)
Ok, first of all:
Everything is on centos 7.4
All config files will be below, but to start off: behaviour is stranger
than I thought, but there is a pattern:
when doing
[DOMAIN\kacper_wirski at vs-files ~]$ kinit -V
Using default cache: /tmp/krb5cc_101003
2013 Oct 10
0
Samba4 can't join domain - drsuapi.DsBindInfoFallBack object has no attribute
I have a Win2k3 server and am trying to manage a Samba4 box (name:UBUNTUSERVER, running Ubuntu 12.04.3 + Samba 4.0.10) as a backup. All seemed well, but after a problem with replication (result 1306 WERR_REVISION_MISMATCH), I couldn't even demote the samba4 DC. So I deleted from SERVERW2K3, deleted /usr/local/samba and re-compiled everything. Also ran make quicktest, all seems OK.
Now, this