The Samba-Bugzilla – Bug 956
Upgrade from 3.0.0-final-1 to 3.0.1-1 stops ADS domain members from accessing Samba
Last modified: 2005-11-14 09:31:19 UTC
After upgrading from 3.0.0final-1 (Debian woody x86 + necessary upgrades for
Samba) to 3.0.1-1, ADS domain members could no longer access the Samba server,
the client opens a password prompt.
Entering a password won't help of course because to access the Samba server the
client has to authenticate the connection via ADS...
I noticed something new in the logs:
[2004/01/10 16:55:00, 10] libads/kerberos_verify.c:create_keytab(56)
creating keytab: MEMORY:
[2004/01/10 16:55:00, 3] libads/kerberos_verify.c:setup_keytab(147)
unable to create MEMORY: keytab (Unknown Key table type)
[2004/01/10 16:55:00, 3] libads/kerberos_verify.c:ads_verify_ticket(280)
ads_verify_ticket: unable to setup keytab
[2004/01/10 16:55:00, 1] smbd/sesssetup.c:reply_spnego_kerberos(172)
Failed to verify incoming ticket!
[2004/01/10 16:55:00, 3] smbd/error.c:error_packet(118)
error packet at smbd/sesssetup.c(173) cmd=115 (SMBsesssetupX)
Clients were W2KSP4 and WinXPSP1 (German).
Full level 10 logs are available on request.
Downgrading to 3.0.0final-1 solved the problem.
This problem has also been reported on the mailing list:
Fixed in 3.02.pre1
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.