[Samba] GSS server Update(krb5)(1) Update failed: Miscellaneous failure

Carlos carlos.hollow at gmail.com
Wed Mar 31 15:06:33 UTC 2021 

HI

Regards;


Em 30/03/2021 23:17, Carlos Alberto Panozzo Cunha escreveu:
>
> The old dc was demote (i first primary).
>
> Yes, to things that using the old name for access, that's why I kept 
> the same IP.
>
> Can I leave it this way or does this imply a problem today or in the 
> future?
>
> thanks and regards;
>
> Em ter., 30 de mar. de 2021 às 22:47, Andrew Bartlett 
> <abartlet at samba.org <mailto:abartlet at samba.org>> escreveu:
>
>     So some client is connecting with to the old server by the old name,
>     likely the previous DC?  If so, demote it.
>
>     If it is already deleted in LDAP and DNS then this will go away when
>     the client credentials cache expires.
>
>     Andrew Bartlett
>
>     On Tue, 2021-03-30 at 22:22 -0300, Carlos Alberto Panozzo Cunha wrote:
>     > Uhum ... I change name but i re-used IP. In ase it tis problem re-
>     > used ip?
>     > Or will this message disappear in time? or how to solve?
>     >
>     > Thanks
>     >
>     >
>     > In ase it tis problema re-used ip or with tie de "msg erro" dont
>     >
>     > Em ter., 30 de mar. de 2021 às 20:46, Andrew Bartlett <
>     > abartlet at samba.org <mailto:abartlet at samba.org>> escreveu:
>     > > On Tue, 2021-03-30 at 20:23 -0300, Carlos via samba wrote:
>     > > > Hi! I Join im new dc, thats is ok but in log o see
>     > > >
>     > > >
>     > > > GSS server Update(krb5)(1) Update failed: Miscellaneous failure
>     > > > (see
>     > > > text): Failed to find DCXXX$@XXXX(kvno 1) in keytab
>     > > > FILE:/opt/samba/private/secr
>     > > > ets.keytab (arcfour-hmac-md5)
>     > > >
>     > > >
>     > > > It is a problem ?
>     > >
>     > > This just means that your DC has been contacted by a client
>     who has
>     > > a
>     > > ticket encrypted by the KDC with a different machine account
>     > > password.
>     > >
>     > > This often happens after a domain re-join as the passwords are re-
>     > > randomised, or if a name or IP is otherwise re-used.
>     > >
>     > > Andrew Bartlett
>     > >
>     -- 
>     Andrew Bartlett (he/him) https://samba.org/~abartlet/
>     <https://samba.org/~abartlet/>
>     Samba Team Member (since 2001) https://samba.org <https://samba.org>
>     Samba Team Lead, Catalyst IT
>     https://catalyst.net.nz/services/samba
>     <https://catalyst.net.nz/services/samba>
>
>     Samba Development and Support, Catalyst IT - Expert Open Source
>     Solutions
>
>
>
>
>

More information about the samba mailing list