GSS Update(krb5)(1) Update failed

Marcel Ritter Marcel.Ritter at rrze.uni-erlangen.de
Tue May 4 03:16:49 MDT 2010


On 05/04/2010 06:58 AM, Rohit Rajan wrote:
> Dear all,
Hi,

I'm seeing the same problems here:

GSS Update(krb5)(1) Update failed:  Miscellaneous failure (see text):
Failed to find S4-DC1$@LINEX.ORG(kvno 17) in keytab
FILE:/var/lib/samba4/private/secrets.keytab (arcfour-hmac-md5)
SPNEGO(gssapi_krb5) NEG_TOKEN_INIT failed: NT_STATUS_LOGON_FAILURE
SPNEGO login failed: NT_STATUS_LOGON_FAILURE

I guess the problem is not the missing entry, but the wrong
KVNO (key version number):

s4-dc1 # klist -ke FILE:/var/lib/samba4/private/secrets.keytab
Keytab name: FILE:/var/lib/samba4/private/secrets.keytab
KVNO Principal
----
--------------------------------------------------------------------------
  18 S4-DC1$@LINEX.ORG (DES cbc mode with RSA-MD5)
  18 S4-DC1$@LINEX.ORG (AES-256 CTS mode with 96-bit SHA-1 HMAC)
  18 S4-DC1$@LINEX.ORG (Triple DES cbc mode with HMAC/sha1)
  18 S4-DC1$@LINEX.ORG (ArcFour with HMAC/md5)

However I have no idea where the request with a lower KVNO comes from :-(

Bye,
   Marcel
>
> I'm running a samba Version 4.0.0alpha12-GIT-e904443 i have the
> following error in logs what do i do, its not able to find the Domain
> controller in keytab file.
>
> is there a way to add the domain account to keytab file??
>
> dreplsrv_notify_schedule(5) scheduled for: Tue May  4 10:09:33 2010 IST
> using SPNEGO
> Selected protocol [5][NT LM 0.12]
> GSS Update(krb5)(1) Update failed:  Miscellaneous failure (see text):
> Failed to find XXXDC01$@EXAMPLE.COM(kvno 17) in keytab
> FILE:/usr/local/samba/private/secrets.keytab (arcfour-hmac-md5)
> SPNEGO(gssapi_krb5) NEG_TOKEN_INIT failed: NT_STATUS_LOGON_FAILURE
> SPNEGO login failed: NT_STATUS_LOGON_FAILURE
> Terminating connection - 'NT_STATUS_END_OF_FILE'
> Terminating connection - 'NT_STATUS_END_OF_FILE'
> single_terminate: reason[NT_STATUS_END_OF_FILE]
> using SPNEGO
> Selected protocol [5][NT LM 0.12]
> GSS Update(krb5)(1) Update failed:  Miscellaneous failure (see text):
> Failed to find XXXDC01$@EXAMPLE.COM(kvno 17) in keytab
> FILE:/usr/local/samba/private/secrets.keytab (arcfour-hmac-md5)
> SPNEGO(gssapi_krb5) NEG_TOKEN_INIT failed: NT_STATUS_LOGON_FAILURE
> SPNEGO login failed: NT_STATUS_LOGON_FAILURE
> Terminating connection - 'NT_STATUS_END_OF_FILE'
> Terminating connection - 'NT_STATUS_END_OF_FILE'
> single_terminate: reason[NT_STATUS_END_OF_FILE]
>
> This message may contain confidential, proprietary or legally
> privileged information. In case you are not the original intended
> recipient of the message, you must not, directly or indirectly, use,
> disclose, distribute, print, or copy any part of this message and you
> are requested to delete it and inform the sender.
> Any views expressed in this message are those of the individual sender
> unless otherwise stated. Nothing contained in this message shall be
> construed as an offer or acceptance of any offer by "Catalyst Business
> Partners" or any of its subsidiaries unless sent with that express
> intent and with due authority of Catalyst Business Partners.
> Catalyst Business Partners has taken sufficient measures and
> precautions to prevent the spread of viruses. However the company
> accepts no liability for any damage caused by any virus transmitted by
> this email.
>


More information about the samba-technical mailing list