[Samba] DEPRECATED:arcfour-hmac
bd730c5053df9efb
bd730c5053df9efb at proton.me
Fri Dec 1 16:23:37 UTC 2023
Hello!
I'm trying to setup dovecot to do single sign on with a samba 4.18.9 DC on slackware 15.0 (in case the experimental mit thing we discussed yesterday could be part of the issue) following https://wiki.samba.org/index.php/Authenticating_Dovecot_against_Active_Directory and https://doc.dovecot.org/configuration_manual/authentication/kerberos/
I executed the commands
samba-tool spn add imap/host.samdom.example.com dovecotuser
samba-tool domain exportkeytab --principal imap/host.samdom.example.com /root/dovecot.keytab
but when I check the created keytab with the command
klist -Kek /etc/dovecot/dovecot.keytab the output is as follows
Keytab name: FILE:dovecot.keytab
KVNO Principal
---- --------------------------------------------------------------------------
3 imap/host.samdom.example.com at EXAMPLE.COM (DEPRECATED:arcfour-hmac) (0x6a83392f4fe666aa7e4e14033ef54896)
I know I have tried this before in another slackware setup and I'm postive the output of this command included other algorithms but I don't have that environment available anymore to check samba's or slackware's version or the output of the command.
Is there a reason why I only get the arcfour-hmac encryption and not any of the others I saw documented in the forementioned pages? Is there something I can do to modify this without recompiling samba? If not, Is it possible to compile samba without linking it to MIT while MIT is installed instead of heimdall.
Thanks in advance.
Best regards,
Dave.
Sent with Proton Mail secure email.
More information about the samba
mailing list