[Samba] Solution -- can connect via IP but not by name
Andrew Bartlett
abartlet at samba.org
Wed Jan 28 21:04:00 GMT 2004
On Thu, 2004-01-29 at 00:53, Wolfgang Wagner wrote:
> > From: Gerald (Jerry) Carter [mailto:jerry at samba.org]
> >
> > The only way I have been able to reproduce this locally
> > using MIT 1.3.1 is by setting a list of permitted_enctypes
> > in /etc/krb5.conf. For example,
> >
> > ~ [libdefaults]
> > ~ dns_lookup_kdc = true
> > ~ default_tgs_enctypes = des-cbc-md5
> > ~ default_tkt_enctypes = des-cbc-md5
> > ~ permitted_enctypes = des-cbc-md5 des-cbc-crc
> >
> > Commenting out the last line solved things in my tests. Usually
> > I have a very minimal krb5.conf which works correctly.
> >
> > ~ [libdefaults]
> > ~ dns_lookup_kdc = true
> >
> > The end result is that this is a kerberos configuration issue
> > and not a Samba bug (Of course you could call it our bug
> > since kinit works and we don't). I would be grateful if the
> > people experiencing this problem could either confirm or
> > refute my theory.
>
> Hello,
>
> here using samba V3.0.1-Debian this config does not change behaviour.
> even afer restarting samba and winbindd.
>
> I am using Debian-Woody with packages from http:\\www.backports.org.
You need to be running krb5 1.3.1.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040129/893de7bc/attachment.bin
More information about the samba
mailing list