[Samba] openindiana GSSAPI failure to samba 4.6.6
Ralph Böhme
slow at samba.org
Fri Jul 28 13:45:58 UTC 2017
On Fri, Jul 28, 2017 at 09:20:29AM -0400, Greg Dickie via samba wrote:
> Hi,
>
> We recently updated our AD servers to 4.6.6 and one of the things that
> stopped working was our zfs server running illumos. The idmap daemon is
> trying to bind to ldap using sasl/GSSAPI and is failing with
>
> additional info: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS
> failure. Minor code may provide more information (Client not found in
> Kerberos database)
not 100% sure, but iirc this one should help:
ldap server require strong auth = allow_sasl_over_tls
Cf https://www.samba.org/samba/security/CVE-2016-2112.html
-slow
More information about the samba
mailing list