[Samba] GSS server Update(krb5)(1) Update failed: Miscellaneous failure
Andrew Bartlett
abartlet at samba.org
Wed Mar 31 01:47:00 UTC 2021
So some client is connecting with to the old server by the old name,
likely the previous DC? If so, demote it.
If it is already deleted in LDAP and DNS then this will go away when
the client credentials cache expires.
Andrew Bartlett
On Tue, 2021-03-30 at 22:22 -0300, Carlos Alberto Panozzo Cunha wrote:
> Uhum ... I change name but i re-used IP. In ase it tis problem re-
> used ip?
> Or will this message disappear in time? or how to solve?
>
> Thanks
>
>
> In ase it tis problema re-used ip or with tie de "msg erro" dont
>
> Em ter., 30 de mar. de 2021 às 20:46, Andrew Bartlett <
> abartlet at samba.org> escreveu:
> > On Tue, 2021-03-30 at 20:23 -0300, Carlos via samba wrote:
> > > Hi! I Join im new dc, thats is ok but in log o see
> > >
> > >
> > > GSS server Update(krb5)(1) Update failed: Miscellaneous failure
> > > (see
> > > text): Failed to find DCXXX$@XXXX(kvno 1) in keytab
> > > FILE:/opt/samba/private/secr
> > > ets.keytab (arcfour-hmac-md5)
> > >
> > >
> > > It is a problem ?
> >
> > This just means that your DC has been contacted by a client who has
> > a
> > ticket encrypted by the KDC with a different machine account
> > password.
> >
> > This often happens after a domain re-join as the passwords are re-
> > randomised, or if a name or IP is otherwise re-used.
> >
> > Andrew Bartlett
> >
--
Andrew Bartlett (he/him) https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT https://catalyst.net.nz/services/samba
Samba Development and Support, Catalyst IT - Expert Open Source
Solutions
More information about the samba
mailing list