touch-packages team mailing list archive

Thread
Date

[Bug 567188] Re: krb5 and ADS error using 10.04, not 9.04

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Rolf Leggewie <567188@xxxxxxxxxxxxxxxxxx>
Date: Wed, 17 Jun 2015 11:16:10 -0000
Reply-to: Bug 567188 <567188@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

lucid has seen the end of its life and is no longer receiving any
updates. Marking the lucid task for this ticket as "Won't Fix".

** Changed in: krb5 (Ubuntu Lucid)
       Status: Confirmed => Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to krb5 in Ubuntu.
https://bugs.launchpad.net/bugs/567188

Title:
  krb5 and ADS error using 10.04, not 9.04

Status in krb5 package in Ubuntu:
  Confirmed
Status in krb5 source package in Lucid:
  Won't Fix

Bug description:
  Environment:
  The installed distributions use kerberos and likewise to identify the user to an Active Directory Server.
  The client configuration on 9.04 is basic and efficient. I use the same configuration file (krb5.conf) on 10.04.
  Kerberos and likewise come from ubuntu repository for each distribution (9.04 and 10.04).

  Description:
  Using 9.04 to auth with kerberos/likewise works fine: tickets ok, everything is done login in one time only.
  Using 10.04 to auth the same way leads to an error and forbids the access: user login ok but the access to other ressources is forbidden, most often returning: KRB Error: KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN.
  The likewise-open5 versions used are the same on both distributions.
  I tested with same versions of kerberos on both distributions and i got the same results.
  I thought the "KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN" was related to a dns problem but when i solved this the following appears:
       the client sends a TGS_REQ, containing the "Encryption type: rc4-hmac (23)", to the server.
       the server answers "KRB5KDC_ERR_ETYPE_NOSUPP (14)"
       10.04 sends a section "Authenticator rc4-hmac (23)" in PA-TGS-REQ , 9.04 doesn't.

  There's no such error using ubuntu-9.04.
  I grab theses informations sniffing the local network with wireshark.

  Is there anybody experiencing the same problems ?
  How can i fix this ?
  thanx

  == Regression details ==
  Discovered in version: lucid 10.04 : krb5-user 1.8.1+dfsg-2 with likewise 5.3.0-1
  Last known good version: jaunty - krb5-user 1.6.dfsg.4~beta1-5ubuntu2.2 with likewise-open5 5.0.3991.1-0ubuntu2

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/567188/+subscriptions