domain join stuck at krb5_get_init_creds_password
Jeremy Allison
jra at samba.org
Thu Apr 29 17:39:27 UTC 2021
On Thu, Apr 29, 2021 at 06:07:12PM +0530, Shilpa K wrote:
>Hi Jeremy,
>
>Thanks for the response. I do not have the network traces. In this case, we
>were using 'net ads join -k' and 'net ads testuser -k'. But what I got to
>know was that there was a firewall for one of the KDCs and Samba tried to
>connect to it and the function krb5_sendto() got blocked in connect(). It
>appears like the timeout value for connect() was 60seconds. As there were
>multiple attempts to connect(), it added to the delay. I tested a fix from
>heimdal which uses non blocking connect with timeout and this seems to help.
Can you point me at the upstream heimdal fix so I can look into
adding this to our version ?
Thanks,
Jeremy.
More information about the samba-technical
mailing list