[Samba] bad encryption type when accessing AD member server

Alexander List alexlist at sbox.tu-graz.ac.at
Thu Oct 2 12:34:31 GMT 2003

On Tue, 30 Sep 2003, Henning Holtschneider wrote:

> > [2003/09/29 13:17:02, 3] libads/kerberos_verify.c:ads_verify_ticket(317)
> > ads_verify_ticket: krb5_rd_req with auth failed (Bad encryption type)
> I replaced Debian's default krb5.conf (which looks like MIT Kerberos' sample
> file) with the minimum configuration described in the Samba documentation and
> finally the connection from the Windows clients works! Don't know why I
> didn't try that earlier ...

The problem is that the Debian krb5-config package installed a default
krb5.conf that was too restrictive with the encryption types. I already
filed a bug against the krb5-config package which has been acknowledged by
the developer. I guess future new installations shouldn't expose this


"They that can give up essential liberty to obtain a little temporary safety
deserve neither liberty not safety."
		--Benjamin Franklin, 1759

More information about the samba mailing list