[Samba] Upgrade from 4.11.6 to 4.12.2 created authentication issues
Rowland penny
rpenny at samba.org
Sun May 17 17:43:00 UTC 2020
On 17/05/2020 16:54, James Atwell wrote:
>
> Strange results on a domain member
>
> jatwell at osticket:~$ net ads user info administrator -U administrator
> Enter administrator's password:
> create_local_private_krb5_conf_for_domain: smb_mkstemp failed, for
> file /var/run/samba/smb_tmp_krb5.Bgy6b4. Errno Permission denied
>
That works for me, but on Devuan (Debian Buster sans systemd), why is it
trying to create a temporary krb5.conf ?
>
> If run as root I get this.
>
> root at osticket:~# net ads user info administrator -U administrator
> Enter administrator's password:
> gss_init_sec_context failed with [ Miscellaneous failure (see text):
> encryption type 3 not supported]
> kinit succeeded but ads_sasl_spnego_gensec_bind(KRB5) failed: An
> internal error occurred.
> gss_init_sec_context failed with [ Miscellaneous failure (see text):
> encryption type 3 not supported]
> gss_init_sec_context failed with [ Miscellaneous failure (see text):
> encryption type 3 not supported]
> kinit succeeded but ads_sasl_spnego_gensec_bind(KRB5) failed: An
> internal error occurred.
>
Okay, just what is in that temp krb5.conf (I am taking that it is being
used) and why is it using one and not the one in /etc ?
>
> Running this command on all my DC's
>
Are you wedded to Ubuntu 16.04 ? why not upgrade to 20.04 (or something
else) ?
>
> A google search of the error landed me on the samba list with mention
> to this error. Reading the thread I see a member mention moving the
> samba folder and building again. So I did. After the build and install
> I copied back the following files folders from my original samba folder
>
> * etc
> * private
> * sysvol
>
I would have moved the Samba directory out of the way, demoted the DC,
installed Samba again and rejoined the DC
Rowland
More information about the samba
mailing list