[Samba] Bind 9.12.x support status
Andrew Bartlett
abartlet at samba.org
Wed Sep 5 21:29:15 UTC 2018
On Thu, 2018-09-06 at 00:01 +0300, Taner Tas via samba wrote:
> Hi,
>
> I recently noticed that when doing "samba_dns --all-names --verbose"
> against Bind-9.12, I can't update dns records. I'm getting these error
> messages for each record to update:
>
I think this is the key (pardon the pun):
> daemon.err [6942]: samba_dlz: spnego update failed
Are you running a build with MIT Kerberos?
There is a replay cache implemented in that codebase that we need to
disable/work around in Samba, because we do a deliberate replay (we
parse/decrypt it a second time to get the PAC) of the Kerberos ticket
here.
Andrew Bartlett
--
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Development and Support, Catalyst IT
https://catalyst.net.nz/services/samba
More information about the samba
mailing list