[Samba] Decrypt integrity check failed for checksum type hmac-sha1-96-aes256, key type aes256-cts-hmac-sha1-96
Carlos
carlos.hollow at gmail.com
Mon Aug 8 13:50:29 UTC 2022
Hi
I updated my DC(i have 5 DCs), and i'm updated one by one...
I demote DC, in new server(chnaged hostname), i change for IP equal one
dc demote
DC Demote = 172.16.1.85-> shutdown
DC New = 172.16.1.85 -> Join
That all right, i don't problems, but in logs DC new i ss much message :
[2022/08/08 10:38:27.844340, 1]
../../source4/auth/gensec/gensec_gssapi.c:791(gensec_gssapi_update_internal)
GSS server Update(krb5)(1) Update failed: Miscellaneous failure (see
text): Decrypt integrity check failed for checksum type
hmac-sha1-96-aes256, key type aes256-cts-hmac-sha1-96
[2022/08/08 10:38:28.035271, 1]
../../source4/auth/gensec/gensec_gssapi.c:791(gensec_gssapi_update_internal)
GSS server Update(krb5)(1) Update failed: Miscellaneous failure (see
text): Decrypt integrity check failed for checksum type
hmac-sha1-96-aes256, key type aes256-cts-hmac-sha1-96
[2022/08/08 10:38:28.246462, 1]
../../source4/auth/gensec/gensec_gssapi.c:791(gensec_gssapi_update_internal)
GSS server Update(krb5)(1) Update failed: Miscellaneous failure (see
text): Decrypt integrity check failed for checksum type
hmac-sha1-96-aes256, key type aes256-cts-hmac-sha1-96
[2022/08/08 10:38:29.566079, 1]
../../source4/auth/gensec/gensec_gssapi.c:791(gensec_gssapi_update_internal)
GSS server Update(krb5)(1) Update failed: Miscellaneous failure (see
text): Decrypt integrity check failed for checksum type
hmac-sha1-96-aes256, key type aes256-cts-hmac-sha1-96
[2022/08/08 10:38:29.996828, 1]
../../source4/auth/gensec/gensec_gssapi.c:791(gensec_gssapi_update_internal)
GSS server Update(krb5)(1) Update failed: Miscellaneous failure (see
text): Decrypt integrity check failed for checksum type
hmac-sha1-96-aes256, key type aes256-cts-hmac-sha1-96
[2022/08/08 10:38:32.181868, 1]
../../source4/auth/gensec/gensec_gssapi.c:791(gensec_gssapi_update_internal)
GSS server Update(krb5)(1) Update failed: Miscellaneous failure (see
text): Decrypt integrity check failed for checksum type
hmac-sha1-96-aes256, key type aes256-cts-hmac-sha1-96
[2022/08/08 10:38:32.210028, 3]
../../auth/auth_log.c:647(log_authentication_event_human_readable)
Only in DC new, in other DCs No. IT's a problem ?
My smb.conf
# Global parameters
[global]
netbios name = SAMBA2
realm = XXXXXXX
server role = active directory domain controller
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc,
drepl, winbindd, ntp_signd, kcc, dnsupdate
workgroup = XXXXX
#log level = 1 auth_audit:3 auth_json_audit:3
log level = 1 auth_audit:3
max log size = 5000
tls enabled = yes
tls keyfile = tls/xxx.key
tls certfile = tls/xxxxx.crt
tls cafile = tls/xxxxxx-CA.crt
[sysvol]
path = /var/lib/samba/sysvol
read only = No
[netlogon]
path = /var/lib/samba/sysvol/xxxxx/scripts
read only = No
====
Others Information:
# installed by -> https://apt.van-belle.nl/
samba -V
Version 4.15.7-Ubuntu
lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 20.04.4 LTS
Release: 20.04
Codename: focal
===
Regards;
More information about the samba
mailing list