[Samba] Samba 3.0.37 with Windows Server 2008
Andrew.Masterson at nuvistaenergy.com
Thu Aug 12 14:53:07 MDT 2010
From: samba-bounces at lists.samba.org
[mailto:samba-bounces at lists.samba.org] On Behalf Of Nick Couchman
Sent: Wednesday, August 11, 2010 8:22 AM
To: Robert Freeman-Day
Cc: samba at lists.samba.org
Subject: Re: [Samba] Samba 3.0.37 with Windows Server 2008
> I would suggest looking at your available encryption types available
> Solaris. We ran into this before and this bug supplied a work around
> that fixed us.
> If you want to find out the encryption levels available to your
> you can issue:
> # cryptoadm list
Okay, so I can do this, but the "extra" file is not present on
OpenSolaris, and the only other three pkcs libraries that are present
are in use on the system. Also, I'm able to successfully use kinit to
get a kerberos ticket from the command line on the Solaris system, but
Samba still fails.
Thanks for the lead - I'll continue to track it down!
Trying to use anything other than arcfour-hmac-md5 failed for me when
trying to connect to a 2008SP2 DC (even the aes128 and 256 types didn't
work the last time I tried about 8 months ago).
default_realm = XXX.XXX
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
forwardable = yes
default_tkt_enctypes = arcfour-hmac-md5 aes256-cts-hmac-sha1-96
default_tgs_enctypes = arcfour-hmac-md5 aes256-cts-hmac-sha1-96
More information about the samba