[Samba] session setup failed: NT_STATUS_NO_IMPERSONATION_TOKEN
Luc Lalonde
Luc.Lalonde at polymtl.ca
Tue Jul 26 20:45:40 UTC 2022
Wow, that did the trick! I historically joined using 'msktutil' with
the '--no-pac' option for some reason that I can't recall.
I retried the same command omitting this option and everything is
working great now.
Why did this work in the past and it no longer works now?
Thanks
On 2022-07-26 16:06, Andrew Bartlett wrote:
> On Tue, 2022-07-26 at 15:43 -0400, Luc Lalonde via samba wrote:
>> Hello all,
>>
>> I'm having issues configuring a new Samba server on a Debian-11
>> instance (Samba 4.13.13).
>>
>> What's working:
>>
>> * Winbind authentification
>> * NFSv4 exports using gss/krb5
>>
>> And not working:
>>
>> * Samba user homes exports
>>
>> Here's the error when I try to access the share:
>>
>> smbclient //fs1.example.com/wadmin -U -g EXAMPLE.COM
>> Password for [EXAMPLE\wadmin]:
>> session setup failed: NT_STATUS_NO_IMPERSONATION_TOKEN
>>
> This means you have configured the AD account that you have created
> manually for Samba to refuse to send Samba a Kerberos PAC.
>
> A normal domain join should work.
>
> Andrew Bartlett
>
--
Luc Lalonde, analyste
-----------------------------
Département de génie informatique:
École polytechnique de MTL
(514) 340-4711 x5049
Luc.Lalonde at polymtl.ca
-----------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20220726/99570c54/OpenPGP_signature.sig>
More information about the samba
mailing list