[Samba] security = ads parameter not working in samba 4.9.5
Sac Isilia
udaypratap.singh65 at gmail.com
Fri Nov 29 11:28:43 UTC 2019
Hi Rowland,
I get below error while running the script again.
bash samba-collect-debug-info.sh > samba-output
kinit: Client's credentials have been revoked while getting initial
credentials
cat samba-output
Please wait, collecting debug info.
Wrong password or kerberos REALM problems, exiting now.
Below is my /etc/krb5.conf
[libdefaults]
default_realm = EMEA.MEDIA.GLOBAL.LOC
# The following krb5.conf variables are only for MIT Kerberos.
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
# The following encryption type specification will be used by MIT Kerberos
# if uncommented. In general, the defaults in the MIT Kerberos code are
# correct and overriding these specifications only serves to disable new
# encryption types as they are added, creating interoperability problems.
#
# The only time when you might need to uncomment these lines and change
# the enctypes is if you have local software that will break on ticket
# caches containing ticket encryption types it doesn't know about (such as
# old versions of Sun Java).
# default_tgs_enctypes = des3-hmac-sha1
# default_tkt_enctypes = des3-hmac-sha1
# permitted_enctypes = des3-hmac-sha1
# The following libdefaults parameters are only for Heimdal Kerberos.
fcc-mit-ticketflags = true
[realms]
MEDIA.GLOBAL.LOC = {
kdc = 10.11.137.100
default_domain = media.global.loc
admin_server = 10.11.137.100
}
EMEA.MEDIA.GLOBAL.LOC = {
kdc = 10.10.136.95
default_domain = media.global.loc
admin_server = 10.10.136.95
}
[domain_realm]
media.global.loc = MEDIA.GLOBAL.LOC
.media.global.loc = MEDIA.GLOBAL.LOC
.emea-media.global.loc = EMEA.MEDIA.GLOBAL.LOC
emea-media.global.loc = EMEA.MEDIA.GLOBAL.LOC
Regards
Sachin Kumar
On Thu, Nov 28, 2019 at 3:57 PM Rowland penny via samba <
samba at lists.samba.org> wrote:
> On 28/11/2019 04:00, Sac Isilia wrote:
> > Hi Rowland ,
> >
> > I tried running the script that you gave but it gave me below error.
> >
> > bash samba-collect-debug-info.sh > samba-output
> > kinit: Client's credentials have been revoked while getting initial
> > credentials
> >
> Okay, open the script in your favourite editor, go to line 60, it should
> be 'exit 1'. Comment this line by putting a '#' at the start, close and
> save and then run the script again ;-)
>
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list