likewise-open 6 and samba4
Hannu Tikka
hannu.tikka at rpkk.fi
Tue May 17 04:08:50 MDT 2011
The 11.04 system was upgrade from 10.04.
I made fresh 11.04 install and Likewise works ok
Hannu
> On 11 May 2011 07:27, Hannu Tikka <hannu.tikka at rpkk.fi> wrote:
>> Hi!
>>
>> I have functional ltsp setup on ubuntu 10.04 with likewise-open 5.4
>> authenticating against samba4 server and using samba3 shares.
>>
>> Testing with ubuntu 11.04 with likewise 6 has no success. When trying to
>> join domain likewise gives LW_ERROR_PASSWORD_MISMATCH error and samba4
>> log
>> shows:
>>
>> Kerberos: AS-REQ administrator at DOM.COM from ipv4:10.4.101.226:57614 for
>> krbtgt/DOM.COM at DOM.COM
>> Kerberos: Client sent patypes: encrypted-timestamp, 149
>> Kerberos: Looking for PKINIT pa-data -- administrator at DOM.COM
>> Kerberos: Looking for ENC-TS pa-data -- administrator at DOM.COM
>> Kerberos: Failed to decrypt PA-DATA -- administrator at DOM.COM (enctype
>> aes256-cts-hmac-sha1-96) error Decrypt integrity check failed for
>> checksum
>> type hmac-sha1-96-aes256, key type aes256-cts-hmac-sha1-96
>> Kerberos: Failed to decrypt PA-DATA -- administrator at DOM.COM
>>
>> I have not found any clue what is different in lw6. Is it using
>> different
>> encryption type?
>
> Well it's complaining about a decryption failure rather than an
> unsupported enctype. But, see if it helps to change the various
> enctype options in /etc/krb5.conf to have arcfour-hmac-md5 first in
> the list, or else just remove the other types.
>
> P.S. I am no Kerberos/Likewise/AD/Samba4 expert.
>
> --
> Michael Wood <esiotrot at gmail.com>
>
More information about the samba-technical
mailing list