Bug 5717 - Samba appears to only use the most recent KVNO
Summary: Samba appears to only use the most recent KVNO
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: winbind (show other bugs)
Version: 3.0.31
Hardware: Other All
: P3 normal
Target Milestone: none
Assignee: Samba Bugzilla Account
QA Contact: Samba QA Contact
Depends on:
Reported: 2008-08-25 01:45 UTC by Kevin Qi
Modified: 2019-06-19 06:16 UTC (History)
3 users (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Kevin Qi 2008-08-25 01:45:29 UTC
Samba should check all of the KVNOs in the keytab, support old KVNO in the case where keytab is configured to use Kerberos keytab
Comment 1 Andrew Bartlett 2019-06-19 04:19:42 UTC
Modern and all supported versions (eg 4.8 and above) of Samba do correctly handle multiple KVNOs in a keytab, either by correctly maintaining the KVNO (source4, ie the AD DC) or scanning all keys (source3, the file server). 

Likely fixed since the gensec work done for Samba 4.0.