[cifs-protocol] RE: [Pfif] Other types of Kerberos messages on
SamLogon Generic
Andrew Bartlett
abartlet at samba.org
Wed Sep 10 01:37:06 GMT 2008
On Tue, 2008-09-09 at 07:46 -0700, Hongwei Sun wrote:
> Metze,
>
>
>
> After we set time correctly, we got the following output. The error
> doesn't look like related to verify PAC message. Maybe we didn't go
> further enough. Any suggestion?
>
>
>
> Thanks!
>
>
>
> Hongwei
>
>
>
> --- After setting time ----
>
> [root at fed8 source]# bin/smbtorture //VM-W2K8.test.net/public RPC-PAC
> -UTESTDOM/administrator%P at ssw0rd
Add -k yes --realm=test.net
> TEST verify FAILED! - torture/rpc/remote_pac.c:101: status was
> NT_STATUS_INVALID_PARAMETER, expected NT_STATUS_OK:
It failed to connect using kerberos (which was strictly required for
this test) because it did not find the KDC (or some other
pre-requisite).
Also ensure your krb5.conf points the kerberos libs to your KDC with:
[libdefaults]
default_realm = S4.NAOMI.ABARTLET.NET
dns_lookup_realm = true
dns_lookup_kdc = true
ticket_lifetime = 24h
forwardable = yes
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20080910/d411b23b/attachment.bin
More information about the cifs-protocol
mailing list