[cifs-protocol] RE: [Pfif] Other types of Kerberos messages on SamLogon Generic

Andrew Bartlett abartlet at samba.org
Wed Sep 10 01:37:06 GMT 2008

On Tue, 2008-09-09 at 07:46 -0700, Hongwei Sun wrote:
> Metze,
>  After we set time correctly, we got the following output.   The error
> doesn't look like related to verify PAC message.   Maybe we didn't go
> further enough.  Any suggestion?
> Thanks!
> Hongwei
> --- After setting time ----
> [root at fed8 source]# bin/smbtorture //VM-W2K8.test.net/public RPC-PAC
> -UTESTDOM/administrator%P at ssw0rd

Add -k yes --realm=test.net

> TEST verify FAILED! - torture/rpc/remote_pac.c:101: status was

It failed to connect using kerberos (which was strictly required for
this test) because it did not find the KDC (or some other

Also ensure your krb5.conf points the kerberos libs to your KDC with:
 default_realm = S4.NAOMI.ABARTLET.NET
 dns_lookup_realm = true
 dns_lookup_kdc = true
 ticket_lifetime = 24h
 forwardable = yes

Andrew Bartlett
Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20080910/d411b23b/attachment.bin

More information about the cifs-protocol mailing list