[Samba] smbclient and Kerberos
Data Control Systems - Mike Elkevizth
mike at datacontrolsystems.com
Fri Nov 4 20:48:43 UTC 2016
Mine seem to work fine also using Ubuntu 16.04.1 on the servers and a
separate workstation client. My /etc/krb5.conf files on the servers and
clients are all simply:
[libdefaults]
default_realm = REALM.EXAMPLE.COM
dns_lookup_realm = false
dns_lookup_kdc = true
Mike E.
On Fri, Nov 4, 2016 at 4:10 PM, Kevr via samba <samba at lists.samba.org>
wrote:
> Hi All
>
> Is this behaviour expected in smbclient:
>
> I have a kerberized Samba server and a share that works as expected on
> desktop clients, but when I use smbclient with a valid ticket with the -k
> flag I get a KDC lookup failure
>
> kev at client:/home/testuser$ smbclient -k -L //fileserver
> gss_init_sec_context failed with [ Miscellaneous failure (see text):
> unable to reach any KDC in realm LAN]
> SPNEGO(gse_krb5) creating NEG_TOKEN_INIT failed: NT_STATUS_INTERNAL_ERROR
> session setup failed: NT_STATUS_INTERNAL_ERROR
>
> I've noticed that if I configure the KDC server in the [realm] section of
> my /etc/krb5.conf everything works fine.
>
> Does smbclient not use the DNS for KDC lookup?
>
> I am using version Version 4.3.11-Ubuntu on Ubuntu 16.04.1
>
> Thanks
>
>
>
> Kevin Ratcliffe
>
> Sent from [ProtonMail](https://protonmail.ch)
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list