[Samba] Upgrade from 4.11.6 to 4.12.2 created authentication issues
James Atwell
james.atwell365 at gmail.com
Sun May 17 23:46:52 UTC 2020
On 5/17/2020 5:17 PM, Rowland penny via samba wrote:
> On 17/05/2020 21:54, James Atwell wrote:
>> I assume it's trying to create a tmp krb5.conf because the user I'm
>> logged into the domain member isn't a domain user? The tmp krb5.conf
>> never gets created even if I run as sudo. etc/krb5.conf does exist
>> though.
>
> You are logging into a domain joined machine as a local user and then
> wonder why you are having problems ?
>
> Unless the user is root, there is a line like this in the smb.conf
> 'username map = /etc/samba/user.map' and the 'user.map' contains
> '!root = DOMAIN\Administrator', where 'DOMAIN' is your netbios domain.
>
>>
>> I'm not tied to Ubuntu or Ubuntu 16.04 or 18.04.
>
> It should work on 16.04, try sorting the above problem out first.
>
> Rowland
>
>
>
I decided to create a fresh domain member and attempt to join the
domain. It fails. See error below.
root at membervm:/# /usr/local/samba/bin/net ads join -U administrator
Enter administrator's password:
gse_get_client_auth_token: gss_init_sec_context failed with [
Miscellaneous failure (see text): encryption type 3 not
supported](2529638972)
kinit succeeded but ads_sasl_spnego_gensec_bind(KRB5) failed for
ldap/pfdc1.samba.local with user[administrator] realm[SAMBA.LOCAL]: The
attempted logon is invalid. This is either due to a bad username or
authentication information.
gse_get_client_auth_token: gss_init_sec_context failed with [
Miscellaneous failure (see text): encryption type 3 not
supported](2529638972)
Using short domain name -- SAMBA
Joined 'MEMBERVM' to dns domain 'samba.local'
No DNS domain configured for membervm. Unable to perform DNS Update.
DNS update failed: NT_STATUS_INVALID_PARAMETER
-James
More information about the samba
mailing list