[Samba] winbind & kerberos question
Rowland Penny
rpenny at samba.org
Mon Jun 27 12:08:03 UTC 2022
On Mon, 2022-06-27 at 12:45 +0200, Andreas Hauffe via samba wrote:
> Error verifying signature: parse error
> Dear list,
>
> I'm having trouble with refreshing kerberos tickets with winbind.
> Our
> clients are openSUSE Leap 15.4 clients with a separately build samba
> 4.16.2 and they are domain members of an AD domain named
> ilrw.ing.dom.tu-dresden.de. This domain is a subdomain (two-way,
> transitive trusts) of ing.dom.tu-dresden.de, which again is a
> subdomain
> of dom.tu-dresden.de. User accounts are administered centrally in
> the
> root domain dom.tu-dresden.de. If I logon to a client with a
> useraccount
> I'm getting a tgt and service tickets and everything works fine, as
> seen
> in the klist output:
I wonder if this is a 'trusts' problem ?
Stefan Kania probably knows more about them than anyone else, he gave a
talk about them at SambaXP, see here for the pdf:
https://www.kania-online.de/wp-content/uploads/2019/06/trusts-tutorial-en.pdf
Reading that may give you help.
Rowland
More information about the samba
mailing list