[Samba] Samba AD DC on a trust relationship with IdM - kpasswd not working porperly
Mateo Duffour
mduffour at fnr.gub.uy
Thu Apr 7 15:39:39 UTC 2022
Hi,
We've updated our Samba server version to 4.16.0 and we're getting this error now (when trying to login with any user):
Apr 07 11:50:46 idmsrvpru.idmpru.xxx.xxx.xx krb5_child[4846]: Error constructing AP-REQ armor: Server krbtgt/ADTEST.xxx.xxx.xx at IDMPRU.xxx.xxx.xx not found in Kerberos database
Apr 07 11:50:46 idmsrvpru.idmpru.xxx.xxx.xx krb5_child[4846]: Error constructing AP-REQ armor: Server krbtgt/ADTEST.xxx.xxx.xx at IDMPRU.xxx.xxx.xx not found in Kerberos database
Apr 07 11:50:46 idmsrvpru.idmpru.xxx.xxx.xx sshd[4842]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.9.9.4 user=usu7 at adtest.xxx.xxx.xx
Apr 07 11:50:46 idmsrvpru.idmpru.xxx.xxx.xx sshd[4842]: pam_sss(sshd:auth): received for user usu7 at adtest.xxx.xxx.xx: 4 (System error)
Apr 07 11:50:48 idmsrvpru.idmpru.xxx.xxx.xx sshd[4840]: error: PAM: Authentication failure for usu7 at adtest.xxx.xxx.xx from 10.9.9.4
Any help is appreciated, regards.
Lic. Mateo Duffour
Unidad Informática
2901.40.91
[ http://maps.apple.com/?q=18%20de%20julio%20985%20-%20Piso%204,Montevideo,Uruguay | 18 de julio 985 - Piso 3, Montevideo, Uruguay ]
[ http://www.fnr.gub.uy/ | ]
No me imprimas si no es necesario. Protejamos el medio ambiente. Este mensaje y la información adjunta al mismo está dirigido exclusivamente a su destinatario. Puede contener información confidencial, privilegiada o de uso restringido, protegida por las normas. Si Ud. recibió este e-mail por error, por favor, sírvase notificarle a quien se lo envió y borrar el original. Cualquier otro uso del e-mail por Ud. está prohibido.
From: "Denis CARDON" <dcardon at tranquil.it>
To: "Mateo Duffour" <mduffour at fnr.gub.uy>, "samba" <samba at lists.samba.org>
Cc: "Juan Andrés Ghigliazza" <aghigliazza at fnr.gub.uy>
Sent: Wednesday, 30 March, 2022 13:05:10
Subject: Re: [Samba] Samba AD DC on a trust relationship with IdM - kpasswd not working porperly
Hi Mateo,
Le 30/03/2022 à 16:51, Mateo Duffour via samba a écrit :
From: "Mateo Duffour" <mduffour at fnr.gub.uy>
To: "samba" <samba at lists.samba.org>
Cc: "Juan Andrés Ghigliazza" <aghigliazza at fnr.gub.uy>
Sent: Wednesday, 30 March, 2022 10:53:38
Subject: Samba AD DC on a trust relationship with IdM - kpasswd not working porperly
Hi,
We are experiencing a problem on our installation of Samba AD DC that it's on a trust relationship with an IdM server.
We are having issues when executing kpasswd on a user account of Samba AD DC from the IdM Server as described here https://bugzilla.samba.org/show_bug.cgi?id=15021
I just answer on the bugzilla entry. Your kpasswd is expecting FAST
support which has been added in samba 4.16. So you either have to
disable FAST or upgrade first.
Cheers,
Denis
BQ_BEGIN
Any help is appreciated, regards
Lic. Mateo Duffour
Unidad Informática
2901.40.91
[ http://maps.apple.com/?q=18%20de%20julio%20985%20-%20Piso%204,Montevideo,Uruguay | 18 de julio 985 - Piso 3, Montevideo, Uruguay ]
[ http://www.fnr.gub.uy/ | ]
No me imprimas si no es necesario. Protejamos el medio ambiente. Este mensaje y la información adjunta al mismo está dirigido exclusivamente a su destinatario. Puede contener información confidencial, privilegiada o de uso restringido, protegida por las normas. Si Ud. recibió este e-mail por error, por favor, sírvase notificarle a quien se lo envió y borrar el original. Cualquier otro uso del e-mail por Ud. está prohibido.
BQ_END
More information about the samba
mailing list