similar to: Kerberos issues

Displaying 20 results from an estimated 3000 matches similar to: "Kerberos issues"

2024 Jun 26
1
Kerberos issues
On Wed, 26 Jun 2024 14:00:03 +0300 ?????? ??????? via samba <samba at lists.samba.org> wrote: > Hello Samba community! > > I have an legacy system with 7 Windows VM. > In this system, the domain user is used to run services and interact > with individual parts. > I also have one PC on a domain from which I can run RSAT and can > check the Zentyal webconfig. > >
2012 Jan 20
1
Samba 4 Cannot contact any KDC for requested realm
Version 4.0.0alpha18-GIT-957ec28 After starting samba -i -d3, wbinfo -i someuser gives this: ldb_wrap open of secrets.ldb using SPNEGO Selected protocol [8][NT LANMAN 1.0] Cannot reach a KDC we require to contact cifs/hh3.site at SITE : kinit for HH3$@SITE failed (Cannot contact any KDC for requested realm) SPNEGO(gssapi_krb5) NEG_TOKEN_INIT failed: NT_STATUS_NO_LOGON_SERVERS ldb_wrap open of
2019 Feb 26
5
gpo not applied a boot computer
Hello everyone since now a certain time I pull my hair and do not understand the source of my problem. after a samba 3 pdc migration to samba 4.8.5 AD, when a windows client starts the gpo computer is not applied to the boot. in the windows logs there are 1058 GPO errors and server side samba here are the logs: GSS server Update (krb5) (1) Update failed: Miscellaneous failure (see text): Failed
2019 Aug 08
3
Problems joining Samba 4 in the domain
Hi, I have 2 DC in my network. DC master is a Samba 4 and the secondary is Windows Server 2008. I want to put another Samba 4 as DC to replace Windows Server, however the following errors are emerging: root at samba4-dc2:~# samba-tool domain join empresa.com.br DC -k yes -d 3 lpcfg_load: refreshing parameters from /etc/samba/smb.conf GENSEC backend 'gssapi_spnego' registered GENSEC
2013 Jan 27
2
Samba Authentication With Kerberos
Hi All, Im thrying to setup a server with Samba4 with Kerberos. When I want to see list all shares with smbclient with samba authentication, everything works fine. But when I try to authenticate using Kerberos, I get and error. The command I execute is: smbclient -L localhost -k The error message from Samba is: using SPNEGO Selected protocol [8][NT LANMAN 1.0] GSS server Update(krb5)(1)
2009 Dec 04
1
smbtorture config issue?
Hello, I'm trying to run smbtorture against another system. I have installed version 4.0.0alpha9 locally. The remote system is registered with ADS as: distinguishedName: CN=bl-uits-cictest,CN=Computers,DC=ads,DC=iu,DC=edu name: bl-uits-cictest dNSHostName: bl-uits-cictest.ads.iu.edu servicePrincipalName: HOST/bl-uits-cictest.ads.iu.edu servicePrincipalName: HOST/BL-UITS-CICTEST The
2017 Nov 07
3
after DCs migration to 4.7, two things
Hi Marc, Thanks for your reply! > Check if your dynamic DNS works. For details and troubleshooting, see: > https://wiki.samba.org/index.php/Testing_Dynamic_DNS_Updates I'm not sure about the "--all-names" option, but the regular "samba_dnsupdate --verbose" updated all dns records for all DCs shortly after I joined them. The problematic dns records here are
2018 Apr 25
1
4.3.11-Ubuntu fail to add DC to a AD domain
yes, I tried working with samba wiki and quad-verifying what is recommended to be checked. OK, I'll try to join using 18.04. the samba_dnsupdate tool does not have the --use-samba-tool option in ubuntu 16.04 2018-04-25 22:47 GMT+02:00 Rowland Penny via samba <samba at lists.samba.org>: > On Wed, 25 Apr 2018 22:32:10 +0200 > Jakub Kulesza <jakkul+samba at gmail.com> wrote:
2020 Apr 07
2
Join new DC to domain - advice to upgrade Samba 4.
Hello Guys, I have a working Samba 4 DC running on Debian Stretch 9.9 with samba 4.5.16 and I would like to add a new Samba DC (on Debian Stretch 9.9 with the same Samba version). During the joining process I get the error WERR_DS_DRA_MISSING_PARENT. I read this thread https://lists.samba.org/archive/samba/2017-December/212938.html and executed the samba_upgradedns on working DC as Rowland
2017 Feb 01
2
gpupdate - Failed to find DC1 in keytab
Can someone help me with samba4 with internal dns. Something strange showing in log.smbd when computers are doing gpupdate (becouse of this error computers cant apply gpo) log.smbd on DC1: [2017/01/13 13:49:16.075361, 1] ../source4/auth/gensec/gensec_gssapi.c:619(gensec_gssapi_update) GSS server Update(krb5)(1) Update failed: Miscellaneous failure (see text): Failed to find
2017 Nov 07
2
after DCs migration to 4.7, two things
Hi, I migrated our DCs from 4.5/internal dns to 4.7.1/bind9_dlz. Short summary of the steps taken: - added a new temp dc, - removed the old DCs - cleaned sam database - installed new DCs, with their old dns/ip - removed the temp dc again - synced sysvol and all is looking well: no db errors, no replication issues, ldapcmp matches across DCs, etc. So, I took things to production today, and
2024 Jun 05
1
Failed to bind to uuid NT_STATUS_LOGON_FAILURE
Good afternoon, tell me, this error occurs on the domain controller samba v 4.19.0, I paired the domain controller with sssd so that authentication occurs under domain accounts on the domain controller, but as you know, sssd changes the machine password every 30 days if this option is not disabled ad_maximum_machine_account_password_age = 0 I haven?t disabled it for 30 days and as I understand it,
2019 Feb 26
1
Gpo computer not applied a boot system
Bonjour à tous depuis maintenant un certain temps je tire mes cheveux et ne comprends pas la source de mon problème. après une migration de samba 3 pdc vers samba 4.8.5 AD, au démarrage d’un client Windows, l’ordinateur gpo n’est pas appliqué au démarrage. Dans les journaux Windows, il y a 1058 erreurs d'objet de stratégie de groupe et samba côté serveur. Voici les journaux: Mise à jour du
2011 Dec 22
1
Samba 4 Kerberos: Failed to decrypt PA-DATA
Hi everyone After almost 2 days up-time with Samba 4, it failed again. This time it simply will not restart. The krb5.conf had got corrupted. I replaced it with this one from /usr/local/samba/private /etc/krb5.conf [libdefaults] default_realm = HH3.SITE dns_lookup_realm = false dns_lookup_kdc = true It starts up OK: samba -i -d 3 lpcfg_load: refreshing parameters from
2018 Apr 04
3
Unable to rejoin domain, LDAP error 50
Hi, This is strange what you are writing. Are you saying, that if Administrator is in Domain Users group = ALL my users have admins rights? Hard to believe. Moreover, I'm unable to delete Administrator from Domain Users group, as this is my basic group (I received such an info). I believe the keytab is needed to sth, cause without it I keep receiving: [2018/04/03 17:32:39.331938, 1]
2018 Apr 25
2
4.3.11-Ubuntu fail to add DC to a AD domain
Rowland, thank you for answering! I have investigated this a bit, and I think that using 18.04 for the new DC will not be successful anyway. Reasons: the AD I have has been created back in the days when 14.04 LTS was fresh. The provisioning scripts worked differently. 14.04 has been upgraded to 16.04, and I think that I do not have all of the DNSes configured properly and this might be the cause
2019 Jul 16
4
messy replication
Hi all, I have an old dc (4.0.9). Let's call it dc1. I also have a new one (4.5.16) which I'm planning to switch to. Let's call it dc2. After initial set up of dc2 I initialised replication and things looked ok for a couple of weeks. Recently I've managed to mess it up. Possibly by editing users and DNS records. Or copying Kerberos cache and trying to use it elsewhere for
2020 Jul 14
3
Replication only working one way
Checking the databases against each other throws up pages and pages of errors. The two are completely out of sync now. What I have seen is that for no apparent reason, one of the servers suddenly decided it would sync with the Windows server, which appears to have updated the schema. Yesterday when I compared the databases on the two linux servers they only had a couple of errors, today, many
2019 Feb 27
1
gpo not applied a boot computer
Hai, Did you set in the GPO (computer policy) Under System\Logon, "Always wait for the network at computer startup and logon" = Enabled" If its a script, also add these. "Configure Network Options preference extension policy processing" is "Enabled" "Configure Logon Script Delay" = Enabled and set to 0 And, after setting the GPO, reboot 2 x !
2019 Feb 26
2
gpo not applied a boot computer
THANK YOU FOR YOUR REPLY THE RESULT : KVNO Principal ---- -------------------------------------------------------------------------- 1 HOST/samba4 at FSS.LAN (des-cbc-crc) 1 HOST/samba4.fss.lan at FSS.LAN (des-cbc-crc) 1 SAMBA4$@FSS.LAN (des-cbc-crc) 1 HOST/samba4 at FSS.LAN (des-cbc-md5) 1 HOST/samba4.fss.lan at FSS.LAN (des-cbc-md5) 1 SAMBA4$@FSS.LAN (des-cbc-md5) 1