[Samba] bad encryption type when accessing AD member server
Derek T. Yarnell
derek at cs.umd.edu
Tue Sep 30 14:20:52 GMT 2003
Can you send the default debian krb5.conf? I would like to see what the
differences are with my krb5.conf.
Thanks.
On Tue, Sep 30, 2003 at 11:45:35AM +0200, Henning Holtschneider wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Monday 29 September 2003 17:59, Henning Holtschneider wrote:
>
> > I'm trying to access a Samba 3.0 server (running on Debian unstable) in an
> > Active Directory environment. I successfully joined the domain, klist shows
> > my Kerberos ticket(s) and I can use smbclient -k to access a Windows 2000
> > server. However, when I try to access a share on the Samba machine from a
> > Windows 2000 client, I'm being asked for the password and Samba logs:
> > [...]
> > [2003/09/29 13:17:02, 3] libads/kerberos_verify.c:ads_verify_ticket(317)
> > ads_verify_ticket: krb5_rd_req with auth failed (Bad encryption type)
>
> I replaced Debian's default krb5.conf (which looks like MIT Kerberos' sample
> file) with the minimum configuration described in the Samba documentation and
> finally the connection from the Windows clients works! Don't know why I
> didn't try that earlier ...
>
> Sorry about the noise,
>
> <-gninneH<-
> - --
> __ _ __ __ Henning Holtschneider
> / / ___ _______ _/ |/ /__ / /_ <henning at loca.net>
> / /__/ _ \/ __/ _ `/ / -_) __/
> /____/\___/\__/\_,_/_/|_/\__/\__/ ...net happens!
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.1 (GNU/Linux)
>
> iD8DBQE/eVC/P9goCV2uudcRArZOAJ9RWeUl/H8umC19zZLZy8NZ58UHCACfcI3q
> M0tr3nsdEy02fli9vC+2MAY=
> =mnRw
> -----END PGP SIGNATURE-----
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
--
---
Derek T. Yarnell
University of Maryland
Computer Science Department Unix Staff
derek at cs.umd.edu
More information about the samba
mailing list