Did not manage to negotiate mandetory feature SIGN for dcerpc auth_level 6
Taylor, Jonn
jonnt at taylortelephone.com
Thu Nov 29 11:26:08 MST 2012
Correction CentOS 6.3 x86_64.
On 11/29/2012 12:15 PM, Taylor, Jonn wrote:
> Getting is error on startup. This is a 2003 domain on CentOS 5.8 x86_64.
>
> [2012/11/27 16:51:33, 0] ../source4/smbd/server.c:369(binary_smbd_main)
> samba version 4.1.0pre1-GIT-5f2edd1 started.
> Copyright Andrew Tridgell and the Samba Team 1992-2012
> [2012/11/27 16:51:34, 0] ../source4/smbd/server.c:475(binary_smbd_main)
> samba: using 'standard' process model
> [2012/11/27 16:51:40, 0] ../auth/gensec/gensec.c:247(gensec_update)
> Did not manage to negotiate mandetory feature SIGN for dcerpc
> auth_level 6
> [2012/11/27 16:51:40, 0]
> ../source4/librpc/rpc/dcerpc_util.c:681(dcerpc_pipe_auth_recv)
> Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for
> e3514235-4b06-11d1-ab04-00c04fc2dcd2 at ncacn_ip_tcp:ed9ddc6b-ed45-4183-81ff-733bb675350a._msdcs.taylortelephone.com[1025,seal,krb5]
> NT_STATUS_ACCESS_DENIED
> [root at dc3 samba-master]# dig
> ed9ddc6b-ed45-4183-81ff-733bb675350a._msdcs.taylortelephone.com
>
> ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.3 <<>>
> ed9ddc6b-ed45-4183-81ff-733bb675350a._msdcs.taylortelephone.com
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6761
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;ed9ddc6b-ed45-4183-81ff-733bb675350a._msdcs.taylortelephone.com. IN A
>
> ;; ANSWER SECTION:
> ed9ddc6b-ed45-4183-81ff-733bb675350a._msdcs.taylortelephone.com. 600
> IN CNAME dc1.taylortelephone.com.
> dc1.taylortelephone.com. 3600 IN A 192.168.173.13
>
> ;; Query time: 4 msec
> ;; SERVER: 192.168.173.13#53(192.168.173.13)
> ;; WHEN: Thu Nov 29 12:06:26 2012
> ;; MSG SIZE rcvd: 115
>
> [root at dc3 samba-master]# klist -e
> Ticket cache: FILE:/tmp/krb5cc_0
> Default principal: administrator at TAYLORTELEPHONE.COM
>
> Valid starting Expires Service principal
> 10/15/12 13:22:48 10/15/12 23:24:26
> krbtgt/TAYLORTELEPHONE.COM at TAYLORTELEPHONE.COM
> renew until 10/16/12 13:22:48, Etype (skey, tkt): arcfour-hmac,
> arcfour-hmac
> [root at dc3 samba-master]#
>
More information about the samba-technical
mailing list