[Samba] potential samba bug with Kerberos -k => --use-kerberos
LORANG Geert
geert.lorang at hexagon.com
Fri Apr 22 15:41:38 UTC 2022
We started seeing this as well on Ubuntu 22.04 and Fedora 35.
Looks like you can (unintentionally) use "--use-krb5-ccache=" as a
workaround. E.g.
# net ads join --use-krb5-ccache=
I've logged this in https://bugzilla.samba.org/show_bug.cgi?id=15052
we'll see what the Samba devs think
Cheers,
Geert
On 27/01/2022 17:00, Jason Keltz via samba wrote:
> This email is not from Hexagon’s Office 365 instance. Please be
> careful while clicking links, opening attachments, or replying to this
> email.
>
>
> Hi.
>
> With samba < 4.15 I used the -k (kerberos) option on some commands like
> "net ads leave -k". It worked perfectly.
>
> On 4.15.4, if I still use -k I get the message: WARNING: The option
> -k|--kerberos is deprecated! .. but it still works.
>
> The deprecated warning is because 4.15 series replaced -k with
> --use-kerberos:
>
> Options renamed:
> --kerberos -> --use-kerberos=required|desired|off
>
> If I replace -k with what I assume to be the replacement
> --use-kerberos=required, then it doesn't seem to work. I get prompted
> for the Kerberos password even though klist shows I am already
> authenticated with Kerberos. I can swap between -k and seeing it work,
> and --use-kerberos=required where I get prompted for it.
>
> This seems like a potential bug. Thoughts?
>
> Thanks,
>
> Jason.
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:
> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.samba.org%2Fmailman%2Foptions%2Fsamba&data=04%7C01%7C%7C49c4cf2a2df148d376ef08d9e1ae4f46%7C1b16ab3eb8f64fe39f3e2db7fe549f6a%7C0%7C0%7C637788961057010095%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=EiT%2FwPf00Jav%2BzMnyy7o4C2woJ2NNtskZGm2KJd44x0%3D&reserved=0
More information about the samba
mailing list