From owner-freebsd-ports@FreeBSD.ORG Thu Aug 7 14:12:06 2008 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9523B1065677 for ; Thu, 7 Aug 2008 14:12:06 +0000 (UTC) (envelope-from Oleg.Ginzburg@billing.ru) Received: from gw.billing.ru (gw.billing.ru [81.3.172.222]) by mx1.freebsd.org (Postfix) with ESMTP id 1D2978FC19 for ; Thu, 7 Aug 2008 14:12:05 +0000 (UTC) (envelope-from Oleg.Ginzburg@billing.ru) Received: from srv-exch01.billing.ru ([172.20.0.18]) by srv-exch01.billing.ru ([172.20.0.18]) with mapi; Thu, 7 Aug 2008 18:01:13 +0400 From: "Ginzburg, Oleg" To: "freebsd-ports@freebsd.org" Date: Thu, 7 Aug 2008 18:01:11 +0400 Thread-Topic: Samba, Response too big for UDP, retry with TCP, Kerberos implementation on FreeBSD Thread-Index: Acj4lgw2xvS/SETHSZ27r3xpnRp9XA== Message-ID: <04DB0C1CEA12F2449D23EDB4D0A138A8C782794193@srv-exch01.billing.ru> Accept-Language: ru-RU, en-US Content-Language: ru-RU X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: ru-RU, en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Cc: "mz@seh.de" , "nejc@skoberne.net" Subject: Samba, Response too big for UDP, retry with TCP, Kerberos implementation on FreeBSD X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Aug 2008 14:12:06 -0000 Hello, I receive a similar problem in a current configuration (FreeBSD 7.0-Release= amd64, samba-3.0.31_1) like this: http://lists.samba.org/archive/samba/2007-July/133625.html and most likely I assume problems both in Samba and in realization Kerberos= on FreeBSD (IMHO Samba more:) The problem consists that during the generation phase (libads/kerberos.c:cr= eate_local_private_krb5_conf_for_domain) of temporary file /var/db/samba/sm= b_krb5/krb5.conf. is lost the instruction for transport protocol (if they present in /etc/krb5.c= onf) So, temporary workaround for this problem looks like: 1) After unsuccessful execution $ net ads join ... Edit a file /var/db/samba/smb_krb5/krb5.conf., having added before = server a "tcp/" (of course, only if tcp proto is necessary tcp also it should be present in/etc/krd5.conf): -- [realms] =3D { kdc =3D tcp/ ... } -- 2) Then set forbid modification on a file chflags schg /var/db/samba/smb_krb5/krb5.conf. 3) And trying "net join " again, with ignoring of rename error (create_local_private_krb5_conf_for_domain: rename of /var/db/samba/smb_tmp= _krb5.IQraHE to /var/db/samba/smb_krb5/krb5.conf. failed. Errno Ope= ration not permitted..) Operation must end with success execution. Question - Whether two (FreeBSD/Samba) problems are valid here? (Samba generate not corrected file)+(Heimdal Kerberos FreeBSD not trying fo= rce a tcp? PS: similar problem are not present in MIT Kerberos (/usr/ports/= security/krb5)) -- CJSC "PETER-SERVICE" =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D Direct: +7 812 3261290 ext. 0423 Tel: +7 812 3261299 Fax: +7 812 3261298 E-mail: Oleg.Ginzburg@billing.ru URL: http://www.billing.ru