-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ying,
> ads_secrets_verify_ticket: enc type [3] decrypted message ! > ...... > smb_krb5_verify_checksum: krb5_c_verify_checksum() failed: Bad > encryption type > check_pac_checksum: PAC Verification failed: Bad encryption type ... > I'm wondering whether it's an abnormal behavior, or there > is a specific fix to improve performance. Could somebody look > at this and help me out? It looks like you have the DES only bit set of the machine trust account. I have this vague memory of the PAC checksum always being signed using RC4-HMAC. Do you Krb5 libs support that enc type? It doesn't appear that they do based on your logs. Or maybe the support was just not detected when Samba was compiled. cheers, jerry ===================================================================== Samba ------- http://www.samba.org Centeris ----------- http://www.centeris.com "What man is a man who does not make the world better?" --Balian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG1aSvIR7qMdg1EfYRAqzCAJ99vPBHlp4GyOaXvJvwnPFgcfl6bgCgrNOC fXyRZWLFJkSZzurWhcKqrtA= =rFSK -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
