[SAMBA4] w2k3 can't authenticate against us with its mechine
credentials
Stefan (metze) Metzmacher
metze at samba.org
Sat Dec 9 15:02:08 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I noticed that a w2k3 box gets NT_STATUS_LOGON_FAILURE in the session
setup reply from samba4, when it tries to do a session setup using krb5
and it's mechine credentials. After it has joined a samba4 domain.
The AS-REQ and TGS-REQ were fine.
I extended the RPC-JOIN test todo a session setup using mechine
credentials and it works against samba4 and w2k3...
The session setups of the administrator are working...
see the attached capture and keytab to read the encrypted blobs
Love, Andrew: any ideas?
metze
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
iD8DBQFFes/wm70gjA5TCD8RAp/BAKCfJtVl97OXr6TDQjVwwjNaeLJCEgCgt3KN
WdyYRACWa0B2QO1uw2i2Yzo=
=lscd
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: w2k3-106-session-setup-machine-krb5-fail-01.cap.gz
Type: application/x-gzip
Size: 34252 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20061209/150a8a40/w2k3-106-session-setup-machine-krb5-fail-01.cap.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: krb5.keytab
Type: application/octet-stream
Size: 5553 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20061209/150a8a40/krb5.obj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: w2k3-106-session-setup-machine-krb5-fail-01.cap.gz.sig
Type: application/pgp-signature
Size: 65 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20061209/150a8a40/w2k3-106-session-setup-machine-krb5-fail-01.cap.gz.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: krb5.keytab.sig
Type: application/pgp-signature
Size: 65 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20061209/150a8a40/krb5.keytab.bin
More information about the samba-technical
mailing list