How to reproduce: CentOS7.x-x86-64 ( 7.2 and 7.4) 1. install krb5-server-1.15 and configure samba v4.7.0 as : ./configure --with-system-mitkrb5 2. build with ad-dc feature. 3. samba-tool domain provision --server-role=dc --use-rfc2307 --dns-backend=BIND9_DLZ --realm=xxx --domain=AD --adminpass=XXXX 4. change named.conf and krb5.conf,kdc.conf, following intructions from the previous step and Wiki of samba. 5. join windows7-64bit to AD and restart it. 6. trace samba related logs. ================================================ [root@pdc samba]# more log.samba [2017/09/27 12:54:55.362600, 0] ../lib/util/util_runcmd.c:324(samba_runcmd_io_handler) /usr/sbin/krb5kdc: krb5kdc: do_tgs_req.c:826: process_tgs_req: Assertion `status != ((void *)0)' failed. [2017/09/27 12:54:55.833120, 0] ../source4/kdc/kdc-service-mit.c:348(mitkdc_server_done) The MIT KDC daemon died with exit status 6 [2017/09/27 12:54:55.833268, 0] ../source4/smbd/service_task.c:35(task_server_terminate) task_server_terminate: [mitkdc child process exited] ===================================================== 7. mit-krb5 coredump happens. ============================== Wed Sep 27 12:54 1117/87310 "[abrt] krb5-server: krb5kdc killed by SIGABRT" cmdline: /usr/sbin/krb5kdc -n executable: /usr/sbin/krb5kdc package: krb5-server-1.15.1-8.el7 component: krb5 :Sep 27 11:55:56 pdc.ad.pthl.hk samba[14387]: /usr/sbin/krb5kdc: krb5kdc: do_tgs_req.c:826: process_tgs_req: Assertion `status != ((void *)0)' failed. :Sep 27 11:55:56 pdc.ad.pthl.hk abrt-hook-ccpp[14593]: Process 14394 (krb5kdc) of user 0 killed by SIGABRT - dumping core ==================================== ### mit-krb5.log, ip 172.16.232.210 is machine windows7-64bit's IP address. Sep 27 12:54:54 pdc.ad.pthl.hk krb5kdc[14995](info): TGS_REQ (5 etypes {18 17 23 24 -135}) 172.16.232.210: ISSUE: authtime 1506488087, etypes {rep=18 tkt =23 ses=23}, DC-ADMIN$@AD.PTHL.HK for DNS/pdc.ad.pthl.hk@AD.PTHL.HK Sep 27 12:54:54 pdc.ad.pthl.hk krb5kdc[14995](info): closing down fd 22 Sep 27 12:54:55 pdc.ad.pthl.hk krb5kdc[14995](info): TGS_REQ (5 etypes {18 17 23 24 -135}) 172.16.232.210: ISSUE: authtime 1506488087, etypes {rep=18 tkt =18 ses=18}, DC-ADMIN$@AD.PTHL.HK for DC-ADMIN$@AD.PTHL.HK Sep 27 12:54:55 pdc.ad.pthl.hk krb5kdc[14995](info): closing down fd 22 Sep 27 12:54:55 pdc.ad.pthl.hk krb5kdc[14995](info): TGS_REQ (5 etypes {18 17 23 24 -135}) 172.16.232.210: ISSUE: authtime 1506488087, etypes {rep=18 tkt =18 ses=18}, DC-ADMIN$@AD.PTHL.HK for dc-admin$\@AD.PTHL.HK@AD.PTHL.HK Sep 27 12:54:55 pdc.ad.pthl.hk krb5kdc[14995](info): closing down fd 22 ================================== 8. run `kadmin.local` as root, and then type `listprins` when I want to exit the console, I type "quit" or "exit" Also coredump happens.
While with embedded Hemedal Kerberos, I don't see this stuff.
I'm pretty sure this issue was fixed in later versions of Samba 4.7 but I can't find the commit details or entry in the WHATSNEW.
Can you reproduce this with newer version than 4.7.0? The latest 4.7 release which is 4.7.10 or 4.8?
Given lack of further feedback and development since I'm closing this as presumably fixed.