similar to: krb5.conf & kdc=, explicit vs automatic

Displaying 20 results from an estimated 4000 matches similar to: "krb5.conf & kdc=, explicit vs automatic"

2008 Feb 27
1
krb5.conf file in /var/lib/samba/smb_krb5; Samba 3.0.27a
Hello list, I've upgraded from Samba 3.0.14a to 3.0.27a (Samba is a domain member of a W2k3 native AD) and I see that in the /var/lib/samba/smb_krb5 directory a krb5.conf file is created. Is this krb5.conf file extracted from my original /etc/krb5.conf? Or is this file created from the "password server =" entry in my smb.conf file? My original /etc/krb5.conf contains the DC's in
2009 Dec 14
0
samba caching a broken krb5.conf.NETBIOSDOMAINNAME
i am in a mixed win2000 and win2003 R1 ActiveDirectory environment. Have always had ntlmv2 server and client required. LM and NTLM have always been rejected. That is how it has been for 10 years. Mounting from CentOS 5 to the windows servers has not been an issue for years. However, using ADS credentials for Linux workstation logons has always been a issue. If using ADS credentials to logon
2009 Mar 06
0
krb5.conf in /var/lib/samba/smb_krb5 very different from original
Hi all ! I have some problems browsing a samba share from a Canon ImageRunner printer. It tries to write to a share located on a samba server, configured to authenticate users against a windows 2003 Active directory. Samba version 3.2.6 is running on opensuse 11.1. After a lot of search, I tought that maybe it did not support the encryption type requested by my Samba server, so I checked my
2015 Aug 14
1
winbind_krb5_locator usage
Just a question. Did you create this server on site a and the moved it to site b? >-----Oorspronkelijk bericht----- >Van: samba [mailto:samba-bounces at lists.samba.org] Namens Felix >Matouschek >Verzonden: vrijdag 14 augustus 2015 8:58 >Aan: samba at lists.samba.org >Onderwerp: Re: [Samba] winbind_krb5_locator usage > >Hello, > >i investigated further and
2015 Aug 13
0
winbind_krb5_locator usage
Hi Rowland, /var/run/samba/smb_krb5 does not exist. However /var/cache/samba/smb_krb5 exists, there is a file named "krb5.conf.INTRANET". Contents: [libdefaults] default_realm = INTRANET.VIPCO.DE default_tgs_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 RC4-HMAC DES-CBC-CRC DES-CBC-MD5 default_tkt_enctypes = aes256-cts-hmac-sha1-96
2023 Jun 18
2
Failed to convert SID to a UID
On 18/06/2023 16:29, Dale Renton via samba wrote: > On Sat, Jun 10, 2023 at 1:49?PM Rowland Penny via samba < > samba at lists.samba.org> wrote: >> Dale, just checking back on what you posted earlier and you had: >> >> create krb5 conf = no >> >> in your smb.conf >> >> Is that line still there ? >> If so, try removing it. >>
2006 Feb 01
1
ADS and samba domain member: ads_connect: Cannot resolve network address for KDC in requested realm
Hello, I am having a problem getting my server to join our realm as a domain member server. I have read through google, yahoo, and this list, but I cannot find the answer yet. When I run: net join ads -Uadministrator and try to login it gives the following error: kerberos_kinit_password Administrator@MYREALM.COM failed: Cannot resolve network address for KDC in requested realm
2010 Dec 06
0
Add options to /var/run/samba/smb_krb5/krb5.conf_DOMAIN?
Hi, Are there any way to add options to /var/run/samba/smb_krb5/krb5.conf_DOMAIN? I need to add udp_preference_limit and maybe have a better control on which kdc's are used. Best regards Emil Assarsson Sony Ericsson Mobile Communications AB "The information in this email, and attachment(s) thereto, is strictly confidential and may be legally privileged. It is intended solely for the
2013 Apr 03
0
/var/samba/locks/smb_krb5/krb5.conf.DOM
All, I am running Solaris 10 and Samba 3.6.6. We use intelligent DNS and have more than 10 ADs. In /etc/krb5/krb5.conf I configure kdc and admin_server to point to the IDNS server so any one of our functioning ADs can be used dynamically. I've noticed that /var/samba/locks/smb_krb5/krb5.conf.DOM get created when net ads join is run. I've also noticed that the kdc is set to an IP address
2006 Feb 01
0
Fwd: ADS and samba domain member: ads_connect: Cannot resolve network address for KDC in requested realm
I forgot the smb.conf file: [global] workgroup = MYDOMAIN netbios name = svcanimp socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384 idmap uid = 10000-20000 idmap gid = 10000-20000 winbind enum users = yes winbind gid = 10000-20000 os level = 20 winbind enum groups = yes winbind separator = /
2009 May 15
2
krb5 configuration generation
Hi, Is there any way to stop Samba regenerating the krb5.conf.[WORKGROUP] file under /var/lib/samba/smb_krb5 every time? It appears to completely ignore /etc/krb5.conf, is this expected? Kernel: Linux localhost 2.6.16.60-0.37_f594963d-smp #1 SMP Mon Mar 23 13:39:48 UTC 2009 x86_64 x86_64 x86_64 GNU/Linux smbd -V: Version 3.0.32-0.8-2045-SUSE-CODE10 Thanks, Alex
2023 Dec 04
1
Samba internal DNS client, large replies and TC bit
Hi! We had a painful debugging session today, with a samba AS member server not being able to auth users anymore. The issue seems to be due to defect in samba internal DNS resolution as done in winbind. TL;DR: samba internal DNS client should not rely on UDP-only DNS, but should retry using TCP if TC bit is set in answer. There's a real-life issue with this simplistic DNS implementation.
2016 Jul 18
0
samba 4.4.5 DC with bind9: DNS update failing with NOTAUTH
Am 18.07.2016 um 11:45 schrieb Norbert Hanke: > On 18.07.2016 01:52, Achim Gottinger wrote: >> >> >> Am 18.07.2016 um 01:02 schrieb Norbert Hanke: >>> Hello, >>> >>> I'm trying to join a samba 4 DC to an already existing samba 4 DC, >>> both with BIND9_DLZ. Samba is at version 4.4.5, bind is version >>> 9.10.4-P1, all brand
2016 Jul 18
0
samba 4.4.5 DC with bind9: DNS update failing with NOTAUTH
On 18/07/16 22:31, Norbert Hanke wrote: > On 18.07.2016 22:48, Achim Gottinger wrote: >> >> >> Am 18.07.2016 um 11:45 schrieb Norbert Hanke: >>> On 18.07.2016 01:52, Achim Gottinger wrote: >>>> >>>> >>>> Am 18.07.2016 um 01:02 schrieb Norbert Hanke: >>>>> Hello, >>>>> >>>>> I'm trying
2006 Feb 01
4
ADS and samba domain member: ads_connect: Cannot resolve network address for KDC in requ
Thanks, Unfortunately, I still got the same error. I may be wrong, but it is like it does the automatic lookup process of kdc instead of using the krb5.conf file. However, as per my note below, if I do add bad config info to the krb5.conf, it does complain. David David Shapiro Unix Team Lead 919-765-2011 >>> Dimitri Yioulos <dyioulos@firstbhph.com> 2/1/2006 10:15:49 AM
2017 Jan 26
2
Samba AD/DC Sync To Windows DC Failures
I just added a window server 2008 r2 to be a backup DC for our samba 4.4.5 AD/DC but I am getting an error when trying to manually sync samba to the windows server. I used the link on the wiki site to make the initial sync, which worked great ยง <https://wiki.samba.org/index.php/Joining_a_Windows_Server_2008_/_2008_R2_ DC_to_a_Samba_AD> Joining a Windows Server 2008 / 2008 R2 DC to a
2016 Dec 11
0
Samba 4.51 Solaris 11 AD client
If I add winbind rpc only = Yes to smb.conf file then "wbinfo -u" will list users in the current domain. It won't list users in any trusted domains (including domains in the same forest.) This indicates that the domain is having some issue retrieving user names via LDAP. The forest is 2008 function level. The domain was 2003 functional level but I just raised that
2007 Mar 04
1
net ads join to w2k3 hangs, every encryption type fails
I am able to get a kerberos ticket with kinit. When I try to net ads join, it seems to loop. In running net ads join in -d 10, I found that it tries enctypes 18,17,16,and 2 and then repeats, over and over. It does not seem to work on any of these. I'm trying to get it to join a win2k3 domain. Below is the bottom part of the log from net ads join, as well as some of my krb5.conf. Any
2017 Nov 01
5
kerberos + winbind + AD authentication for samba 4 domain member
Hello, Thank You for fast response. I'm glad that it's a mistake somewhere on my side, it means it will work when I fix it :) Ok, first of all: Everything is on centos 7.4 All config files will be below, but to start off: behaviour is stranger than I thought, but there is a pattern: when doing [DOMAIN\kacper_wirski at vs-files ~]$ kinit -V Using default cache: /tmp/krb5cc_101003
2013 Oct 10
0
Samba4 can't join domain - drsuapi.DsBindInfoFallBack object has no attribute
I have a Win2k3 server and am trying to manage a Samba4 box (name:UBUNTUSERVER, running Ubuntu 12.04.3 + Samba 4.0.10) as a backup. All seemed well, but after a problem with replication (result 1306 WERR_REVISION_MISMATCH), I couldn't even demote the samba4 DC. So I deleted from SERVERW2K3, deleted /usr/local/samba and re-compiled everything. Also ran make quicktest, all seems OK. Now, this