Environment:
The installed distributions use kerberos and likewise to identify the user to an Active Directory Server.
The client configuration on 9.04 is basic and efficient. I use the same configuration file (krb5.conf) on 10.04.
Kerberos and likewise come from ubuntu repository for each distribution (9.04 and 10.04).
Description:
Using 9.04 to auth with kerberos/likewise works fine: tickets ok, everything is done login in one time only.
Using 10.04 to auth the same way leads to an error and forbids the access: user login ok but the access to other ressources is forbidden, most often returning: KRB Error: KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN.
The likewise-open5 versions used are the same on both distributions.
I tested with same versions of kerberos on both distributions and i got the same results.
I thought the "KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN" was related to a dns problem but when i solved this the following appears:
the client sends a TGS_REQ, containing the "Encryption type: rc4-hmac (23)", to the server.
the server answers "KRB5KDC_ERR_ETYPE_NOSUPP (14)"
10.04 sends a section "Authenticator rc4-hmac (23)" in PA-TGS-REQ , 9.04 doesn't.
There's no such error using ubuntu-9.04.
I grab theses informations sniffing the local network with wireshark.
Is there anybody experiencing the same problems ?
How can i fix this ?
thanx
Environment:
The installed distributions use kerberos and likewise to identify the user to an Active Directory Server.
The client configuration on 9.04 is basic and efficient. I use the same configuration file (krb5.conf) on 10.04.
Kerberos and likewise come from ubuntu repository for each distribution (9.04 and 10.04).
Description: ERR_S_PRINCIPAL _UNKNOWN. ERR_S_PRINCIPAL _UNKNOWN" was related to a dns problem but when i solved this the following appears: ERR_ETYPE_ NOSUPP (14)"
Using 9.04 to auth with kerberos/likewise works fine: tickets ok, everything is done login in one time only.
Using 10.04 to auth the same way leads to an error and forbids the access: user login ok but the access to other ressources is forbidden, most often returning: KRB Error: KRB5KDC_
The likewise-open5 versions used are the same on both distributions.
I tested with same versions of kerberos on both distributions and i got the same results.
I thought the "KRB5KDC_
the client sends a TGS_REQ, containing the "Encryption type: rc4-hmac (23)", to the server.
the server answers "KRB5KDC_
10.04 sends a section "Authenticator rc4-hmac (23)" in PA-TGS-REQ , 9.04 doesn't.
There's no such error using ubuntu-9.04.
I grab theses informations sniffing the local network with wireshark.
Is there anybody experiencing the same problems ?
How can i fix this ?
thanx