The errors are the results of MIT resolution to exclude DES/DES3 from the supported enctypes (security reasons). The parameter "allow_weak_crypto = true" should be added in the default [libdefaults] section of /etc/krb5.conf. Adding this parameter solved the errors of the original bug report but leads to a new one: likewise+krb5 cannot get the authenticated user groups correctly from the ADS when trying to browse samba shares using tickets. It looks like a bug in krb5 when using "allow_weak_crypto = true" in the des/des3 "old school" support. This support is _not_ like the previous des/des3 krb version support. MIT isn't really in "verbose mode" about the code they modified to make this partial support ""good enough"".
-- krb5 and ADS error using 10.04, not 9.04 https://bugs.launchpad.net/bugs/567188 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
