Getting this error message: "KDC has no support for encryption type while getting initial credentials"


Trying to connect a Linux machine running CentOS to an MS Windows Active Directory domain (Server Windows 2003).

Version

Client - Linux

    uname -r => 4.18.0-147.5.1.el8_1.x86_64
    lsb_release -d => CentOS Linux release 8.1.1911 (Core)

Server MS Windows 2003

Command

KRB5_TRACE=/dev/stdout kinit -V

Output

KRB5_TRACE=/dev/stdout kinit -V [email protected].

Using default cache: 1000
Using principal: [email protected].
[2448] 1588503907.189313: Getting initial credentials for [email protected].
[2448] 1588503907.189315: Sending unauthenticated request
[2448] 1588503907.189316: Sending request (224 bytes) to LAB.org.
[2448] 1588503907.189317: Sending DNS URI query for _kerberos.LAB.org.
[2448] 1588503907.189318: No URI records found
[2448] 1588503907.189319: Sending DNS SRV query for _kerberos._udp.LAB.org.
[2448] 1588503907.189320: SRV answer: 0 100 88 "dc01.LAB.org."
[2448] 1588503907.189321: Sending DNS SRV query for _kerberos._tcp.LAB.org.
[2448] 1588503907.189322: SRV answer: 0 100 88 "dc01.LAB.org."
[2448] 1588503907.189323: Resolving hostname dc01.LAB.org.
[2448] 1588503907.189324: Sending initial UDP request to dgram 10.0.4.6:88
[2448] 1588503907.189325: Received answer (104 bytes) from dgram 10.0.4.6:88
[2448] 1588503907.189326: Sending DNS URI query for _kerberos.LAB.org.
[2448] 1588503907.189327: No URI records found
[2448] 1588503907.189328: Sending DNS SRV query for _kerberos-master._udp.LAB.org.
[2448] 1588503907.189329: No SRV records found
[2448] 1588503907.189330: Response was not from master KDC
[2448] 1588503907.189331: Received error from KDC: -1765328370/KDC has no support for encryption type
[2448] 1588503907.189332: Retrying AS request with master KDC
[2448] 1588503907.189333: Getting initial credentials for [email protected].
[2448] 1588503907.189335: Sending unauthenticated request
[2448] 1588503907.189336: Sending request (224 bytes) to LAB.org. (master)
[2448] 1588503907.189337: Sending DNS URI query for _kerberos.LAB.org.
[2448] 1588503907.189338: No URI records found
[2448] 1588503907.189339: Sending DNS SRV query for _kerberos-master._udp.LAB.org.
[2448] 1588503907.189340: Sending DNS SRV query for _kerberos-master._tcp.LAB.org.
[2448] 1588503907.189341: No SRV records found
kinit: KDC has no support for encryption type while getting initial credentials

Workarounds Attempted

Specify Encryption Type


    default_tgs_enctypes = rc4-hmac des-cbc-crc des-cbc-md5
    default_tkt_enctypes = rc4-hmac des-cbc-crc des-cbc-md5
    permitted_enctypes = rc4-hmac des-cbc-crc des-cbc-md5
    allow_weak_crypto = true

Active Directory Account Setting

Set Active Directory Account

  1. Use Kerberos DES encryption types for this account

More here

https://docs.google.com/document/d/102UCuMB5IkiPb15468EcWN8-h-t6PfRe1rq6Q7x1IOc/edit?usp=sharing

Summary

Trying to see if there are clear workarounds to getting the latest version of Linux\sssd to hook into an MS Windows 2003-based Active Directory.

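Added example, not part of the original question: a small Python parser for `KRB5_TRACE` output that converts the com_err number on the "Received error from KDC" line into its RFC 4120 protocol error code and records which KDC endpoint sent it. The function and constant names are this example's own; the sample lines are copied from the trace in the question.

```python
import re

# Base of the MIT krb5 com_err table: the traced number minus this base is
# the RFC 4120 protocol error code carried in the KRB-ERROR message.
KRB5_ERROR_TABLE_BASE = -1765328384

# Subset of RFC 4120 error codes commonly seen during the AS exchange.
RFC4120_ERRORS = {
    6: "KDC_ERR_C_PRINCIPAL_UNKNOWN",
    14: "KDC_ERR_ETYPE_NOSUPP",
    24: "KDC_ERR_PREAUTH_FAILED",
    25: "KDC_ERR_PREAUTH_REQUIRED",
    37: "KRB_AP_ERR_SKEW",
}

LINE = re.compile(r"^\[(\d+)\] (\d+\.\d+): (.*)$")
ANSWER = re.compile(r"Received answer \((\d+) bytes\) from (\w+) (\S+)$")
KDC_ERROR = re.compile(r"Received error from KDC: (-?\d+)/(.*)$")

def kdc_errors(trace_text):
    """Return one dict per KDC error, with the endpoint that sent it."""
    findings, last_peer = [], None
    for raw in trace_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # command echo, kinit -V output, final kinit error line
        msg = m.group(3)
        if (a := ANSWER.search(msg)):
            last_peer = (a.group(2), a.group(3))  # (transport, ip:port)
        elif (e := KDC_ERROR.search(msg)):
            proto = int(e.group(1)) - KRB5_ERROR_TABLE_BASE
            findings.append({
                "peer": last_peer,
                "protocol_error": proto,
                "name": RFC4120_ERRORS.get(proto, "UNKNOWN"),
                "text": e.group(2),
            })
    return findings

# Sample input: lines copied from the trace in the question.
SAMPLE = """\
[2448] 1588503907.189324: Sending initial UDP request to dgram 10.0.4.6:88
[2448] 1588503907.189325: Received answer (104 bytes) from dgram 10.0.4.6:88
[2448] 1588503907.189331: Received error from KDC: -1765328370/KDC has no support for encryption type
kinit: KDC has no support for encryption type while getting initial credentials
"""

if __name__ == "__main__":
    print(kdc_errors(SAMPLE))
```

For the trace in the question this reports protocol error 14, `KDC_ERR_ETYPE_NOSUPP`, sent by 10.0.4.6:88, so the rejection comes from the domain controller's reply to the AS request rather than from a local library failure.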