[Samba] missing enctypes in exported keytab
Rowland Penny
rpenny at samba.org
Mon Apr 29 17:21:28 UTC 2019
On Mon, 29 Apr 2019 19:02:44 +0200
Christian via samba <samba at lists.samba.org> wrote:
> >>> Thats a strange one..
> >>>
> >>>> This is correct: 'dns-dc2' uses "msDS-SupportedEncryptionTypes":
> >>>> 31 (0x0000001f)
> >>> Try this first.
> >>> sudo samba-tool domain exportkeytab dns.keytab
> >>> --principal=dns-dc2
> >> Same result. Cheers,
> >>
> > what is the output of 'samba-tool domain level show'
> root at dc1:~# samba-tool domain level show
> Domain and forest function level for domain 'DC=.....'
>
> Forest function level: (Windows) 2003
> Domain function level: (Windows) 2003
> Lowest function level of a DC: (Windows) 2008 R2
>
> root at dc1:~#
>
> Thanks,
>
> Christian
>
>
That explains it ;-)
Try raising the functional level to 2008R2
samba-tool domain level raise --forest-level=2008_R2 --domain-level=2008_R2
Rowland
More information about the samba
mailing list