[Samba] Samba 3.0.37 with Windows Server 2008

Andrew Masterson Andrew.Masterson at nuvistaenergy.com
Thu Aug 12 14:53:07 MDT 2010

-----Original Message-----
From: samba-bounces at lists.samba.org
[mailto:samba-bounces at lists.samba.org] On Behalf Of Nick Couchman
Sent: Wednesday, August 11, 2010 8:22 AM
To: Robert Freeman-Day
Cc: samba at lists.samba.org
Subject: Re: [Samba] Samba 3.0.37 with Windows Server 2008

> Nick,
> I would suggest looking at your available encryption types available
> Solaris.  We ran into this before and this bug supplied a work around
> that fixed us.
> http://bugs.opensolaris.org/bugdatabase/printableBug.do?bug_id=6534506

> If you want to find out the encryption levels available to your
> you can issue:
> # cryptoadm list

Okay, so I can do this, but the "extra" file is not present on
OpenSolaris, and the only other three pkcs libraries that are present
are in use on the system.  Also, I'm able to successfully use kinit to
get a kerberos ticket from the command line on the Solaris system, but
Samba still fails.

Thanks for the lead - I'll continue to track it down!



Trying to use anything other than arcfour-hmac-md5 failed for me when
trying to connect to a 2008SP2 DC (even the aes128 and 256 types didn't
work the last time I tried about 8 months ago).


 default_realm = XXX.XXX
 dns_lookup_realm = false
 dns_lookup_kdc = false
 ticket_lifetime = 24h
 forwardable = yes
 default_tkt_enctypes = arcfour-hmac-md5 aes256-cts-hmac-sha1-96
 default_tgs_enctypes = arcfour-hmac-md5 aes256-cts-hmac-sha1-96


More information about the samba mailing list