bug? kerberos tickets with rc4-hmac: enc type  failed to
decrypt with error Bad encryption type
abartlet at samba.org
Fri Feb 20 11:44:30 GMT 2004
On Fri, 2004-02-20 at 22:29, Stefan Beck wrote:
> I'm trying to use samba 3.0.2 on debian sid as win2k ads member.
> Using kerberos from linux works perfectly, but accessing the samba server from a
> win2k domain member fails.
> e.g. net view \\zzzgfs
> system error 5 occured
> Access denied
> The samba log shows:
> 2004/02/20 12:18:26, 10] libads/kerberos_verify.c:ads_verify_ticket(323)
> ads_verify_ticket: enc type  failed to decrypt with error Bad encryption type
> [2004/02/20 12:18:26, 10] passdb/secrets.c:secrets_named_mutex_release(709)
> secrets_named_mutex: released mutex for replay cache mutex
> [2004/02/20 12:18:26, 3] libads/kerberos_verify.c:ads_verify_ticket(330)
> ads_verify_ticket: krb5_rd_req with auth failed (Bad encryption type)
> [2004/02/20 12:18:26, 1] smbd/sesssetup.c:reply_spnego_kerberos(173)
> Failed to verify incoming ticket!
> [2004/02/20 12:18:26, 3] smbd/error.c:error_packet(94)
> error string = No such file or directory
> [2004/02/20 12:18:26, 3] smbd/error.c:error_packet(118)
> error packet at smbd/sesssetup.c(174) cmd=115 (SMBsesssetupX)
This almost always means you either have not installed MIT Krb5 1.3.1,
or you have set your krb5.conf to deny this encryption type.
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20040220/0563dabb/attachment.bin
More information about the samba-technical