touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #84788
[Bug 567188] Re: krb5 and ADS error using 10.04, not 9.04
lucid has seen the end of its life and is no longer receiving any
updates. Marking the lucid task for this ticket as "Won't Fix".
** Changed in: krb5 (Ubuntu Lucid)
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to krb5 in Ubuntu.
https://bugs.launchpad.net/bugs/567188
Title:
krb5 and ADS error using 10.04, not 9.04
Status in krb5 package in Ubuntu:
Confirmed
Status in krb5 source package in Lucid:
Won't Fix
Bug description:
Environment:
The installed distributions use kerberos and likewise to identify the user to an Active Directory Server.
The client configuration on 9.04 is basic and efficient. I use the same configuration file (krb5.conf) on 10.04.
Kerberos and likewise come from ubuntu repository for each distribution (9.04 and 10.04).
Description:
Using 9.04 to auth with kerberos/likewise works fine: tickets ok, everything is done login in one time only.
Using 10.04 to auth the same way leads to an error and forbids the access: user login ok but the access to other ressources is forbidden, most often returning: KRB Error: KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN.
The likewise-open5 versions used are the same on both distributions.
I tested with same versions of kerberos on both distributions and i got the same results.
I thought the "KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN" was related to a dns problem but when i solved this the following appears:
the client sends a TGS_REQ, containing the "Encryption type: rc4-hmac (23)", to the server.
the server answers "KRB5KDC_ERR_ETYPE_NOSUPP (14)"
10.04 sends a section "Authenticator rc4-hmac (23)" in PA-TGS-REQ , 9.04 doesn't.
There's no such error using ubuntu-9.04.
I grab theses informations sniffing the local network with wireshark.
Is there anybody experiencing the same problems ?
How can i fix this ?
thanx
== Regression details ==
Discovered in version: lucid 10.04 : krb5-user 1.8.1+dfsg-2 with likewise 5.3.0-1
Last known good version: jaunty - krb5-user 1.6.dfsg.4~beta1-5ubuntu2.2 with likewise-open5 5.0.3991.1-0ubuntu2
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/567188/+subscriptions