aarons-samba at aberrant.org
Thu Sep 2 14:29:12 MDT 2010
I'm not sure how, but my secrets.keytab is messed up. My PDC running
samba4 is named FOO, and secrets.keytab contains 4 keys for FOO with
kvno 1. When I run samba with -d1, I was seeing this:
Failed to find FOO$@BAR.COM(kvno 6) in keytab
Since I couldn't figure out how to make the keytab and ldb agree, I
hacked the keytab to set kvno =6. Unsurprisingly that doesn't result in
a valid keytab, so now I'm just getting decrypt integrity check errors.
How can I fix this without wiping everything and starting over?
p.s: as an interesting side note, there are a couple of hostnames that
resolve to foo. If, from a windows machine, I attempt to open \\FOO, I
am prompted for a login (because of the decryption failure, I assume --
it never used to prompt) which never succeeds, but if I open \\bar.com,
which also resolves to the same IP as foo, it actually shows me the
shares (maybe they're cached?) although I get a misc. error when I try
to open them.
More information about the samba-technical