[Samba] Failed to verify ticket ?

Wed, 12 May 2004 07:24:14 -0700

Hi !

My problem is that :
[2004/05/12 16:07:30, 1] smbd/sesssetup.c:reply_spnego_kerberos(173)
 Failed to verify incoming ticket!
[2004/05/12 16:07:30, 1] smbd/sesssetup.c:reply_spnego_kerberos(173)
 Failed to verify incoming ticket!
[2004/05/12 16:07:39, 1] smbd/sesssetup.c:reply_spnego_kerberos(173)
 Failed to verify incoming ticket!
[2004/05/12 16:07:59, 0] lib/util_sock.c:read_socket_data(342)
 read_socket_data: recv failure for 4. Error = Connection reset by peer
[2004/05/12 16:07:59, 1] smbd/service.c:close_cnum(887)
 saisie-srag (10.143.31.100) closed connection to service tmp

A w2k client can't log on my samba server.

Here's my krb5.conf :

[logging]
        default = FILE:/var/log/kerberos/krb5libs.log
        kdc = FILE:/var/log/kerberos/krb5kdc.log
        admin_server = FILE:/var/log/kerberos/kadmind.log

[libdefaults]
        ticket_lifetime = 24000
        default_realm = DRAF.FC
        default_tgs_enctypes = des-cbc-crc des-cbc-md5
        default_tkt_enctypes = des-cbc-crc des-cbc-md5
        permitted_enctypes = des-cbc-crc des-cbc-md5

#default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc
#default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc
#permitted_enctypes = des3-hmac-sha1 des-cbc-crc

        dns_lookup_realm = false
        dns_lookup_kdc = false
        kdc_req_checksum_type = 2
        checksum_type = 2
        ccache_type = 1
        forwardable = true
        proxiable = true

[realms]
        DRAF.FC = {
        kdc = draffc3.draf.fc
        default_domain = DRAFFCOMTE
}

[domain_realm]
        .draf.fc = DRAF.FC

[kdc]
        profile = /etc/kerberos/krb5kdc/kdc.conf

[pam]
        debug = false
        ticket_lifetime = 36000
        renew_lifetime = 36000
        forwardable = true
        krb4_convert = false

[appdefaults]
        pam = {
        debug = true
        ticket_lifetime = 36000
        renew_lifetime = 36000
        forwardable = true
        krb4_convert = true
        afs_cells = draffc3.draf.fc
        hosts = draffc3.draf.fc
        max_timeout = 30
        timeout_shift = 2
        initial_timeout = 1
        }

[login]
        krb4_convert = false
        krb4_get_tickets = false

Any idea about my misconfiguration in Kerberos, everyone ?

Please, just answer me for that and I'll let you breath !

Thanks for reading

Bertram

_________________________________________________________________
Trouvez l'âme soeur sur MSN Rencontres http://g.msn.fr/FR1000/9551

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Reply via email to