Bug ID | 1105993 |
---|---|
Summary | Authentication broken for w2k-client when using samba as Member-Server in AD-Environment |
Classification | openSUSE |
Product | openSUSE Distribution |
Version | Leap 15.0 |
Hardware | x86-64 |
OS | SUSE Other |
Status | NEW |
Severity | Normal |
Priority | P5 - None |
Component | Samba |
Assignee | samba-maintainers@SuSE.de |
Reporter | edv@brand-ladenbau.de |
QA Contact | samba-maintainers@SuSE.de |
Found By | --- |
Blocker | --- |
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0 Build Identifier: smbd-log: switch message SMBsesssetupX (pid 6383) conn 0x0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups change_to_root_user: now uid=(0,0) gid=(0,0) wct=12 flg2=0xc807 Doing spnego session setup NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0] PrimaryDomain=[] dbwrap_lock_order_lock: check lock order 1 for /usr/local/samba/var/lock/smbXsrv_session_global.tdb dbwrap_lock_order_unlock: release lock order 1 for /usr/local/samba/var/lock/smbXsrv_session_global. tdb Making default auth method list for server role = 'domain member' load_auth_module: Attempting to find an auth method to match guest load_auth_module: auth method guest has a valid init load_auth_module: Attempting to find an auth method to match sam load_auth_module: auth method sam has a valid init load_auth_module: Attempting to find an auth method to match winbind load_auth_module: auth method winbind has a valid init load_auth_module: Attempting to find an auth method to match sam_ignoredomain load_auth_module: auth method sam_ignoredomain has a valid init Starting GENSEC mechanism spnego push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups Starting GENSEC submechanism gse_krb5 gss_accept_sec_context failed with [Unspecified GSS failure. Minor code may provide more informatio n: Encryption type not permitted] Reproducible: Always Steps to Reproduce: 1.Install samba from Distribution or samba-Repository (actual V4.8.4) 2.net ads join ... 3.try to access share from w2k-machine (net use x: \\samba-server\share -u validdomain\validuser) Actual Results: System Error 1450, not enough system resources available... Expected Results: Connection to share successful when samba 4.8.4 is configured without mitkrb5, it works as expected.