OPNsense Forum
English Forums => Web Proxy Filtering and Caching => Topic started by: cristian_asir on May 16, 2019, 09:47:43 am
-
Password for Administrador@PROXY.ASIR:
-- init_password: Wiping the computer password structure
-- generate_new_password: Generating a new, random password for the computer account
-- generate_new_password: Characters read from /dev/urandom = 77
-- get_dc_host: Attempting to find Domain Controller to use via DNS SRV record in domain PROXY.ASIR for procotol tcp
-- validate: Found DC: dominio45.proxy.asir. Checking availability...
-- get_dc_host: Found preferred Domain Controller: dominio45.proxy.asir
-- create_fake_krb5_conf: Created a fake krb5.conf file: /tmp/.msktkrb5.conf-0WoRb4
-- destroy_g_context: Destroying Kerberos Context
-- initialize_g_context: Creating Kerberos Context
-- finalize_exec: SAM Account Name is: OPNSENSE-K$
-- try_machine_keytab_princ: Trying to authenticate for OPNSENSE-K$ from local keytab
-- try_machine_keytab_princ: Error: krb5_get_init_creds_keytab failed (Generic preauthentication failure)
-- try_machine_keytab_princ: Authentication with keytab failed
-- try_machine_keytab_princ: Trying to authenticate for OPNSENSE-K$ from local keytab
-- try_machine_keytab_princ: Error: krb5_get_init_creds_keytab failed (Generic preauthentication failure)
-- try_machine_keytab_princ: Authentication with keytab failed
-- try_machine_keytab_princ: Trying to authenticate for host/opnsense.proxy.asir from local keytab
-- try_machine_keytab_princ: Error: krb5_get_init_creds_keytab failed (Client not found in Kerberos database)
-- try_machine_keytab_princ: Authentication with keytab failed
-- try_machine_password: Trying to authenticate for OPNSENSE-K$ with password
-- create_default_machine_password: Default machine password for OPNSENSE-K$ is opnsense-k
-- try_machine_password: Error: krb5_get_init_creds_keytab failed (Preauthentication failed)
-- try_machine_password: Authentication with password failed
-- try_user_creds: Checking if default ticket cache has tickets
-- finalize_exec: Authenticated using method 5
-- LDAPConnection: Connecting to LDAP server: dominio45.proxy.asir
SASL/GSSAPI authentication started
SASL username: Administrador@PROXY.ASIR
SASL SSF: 256
SASL data security layer installed.
-- ldap_get_base_dn: Determining default LDAP base: dc=PROXY,dc=ASIR
-- ldap_check_account: Checking that a computer account for OPNSENSE-K$ exists
-- ldap_check_account: Checking computer account - found
-- ldap_check_account: Found userAccountControl = 0x1000
-- ldap_check_account: Found supportedEncryptionTypes = 28
-- ldap_check_account: Found dNSHostName = opnsense.proxy.asir
-- ldap_check_account: Found Principal: host/opnsense.proxy.asir
-- ldap_check_account: Found Principal: HTTP/OPNsense.proxy.asir
-- ldap_check_account: userPrincipal specified on command line
-- ldap_check_account_strings: Inspecting (and updating) computer account attributes
-- ldap_check_account_strings: Found userPrincipalName = HTTP/OPNsense.proxy.asir@PROXY.ASIR
-- ldap_check_account_strings: userPrincipalName should be HTTP/OPNsense.proxy.asir@PROXY.ASIR
-- ldap_check_account_strings: Nothing to do
-- ldap_set_supportedEncryptionTypes: No need to change msDs-supportedEncryptionTypes they are 28
-- ldap_set_userAccountControl_flag: Setting userAccountControl bit at 0x200000 to 0x0
-- ldap_set_userAccountControl_flag: userAccountControl not changed 0x1000
-- ldap_get_kvno: KVNO is 4
-- set_password: Attempting to reset computer's password
-- set_password: Try change password using user's ticket cache
-- ldap_get_pwdLastSet: pwdLastSet is 132024662198350819
-- set_password: Successfully set password
-- remove_keytab_entries: Trying to remove entries for OPNSENSE-K$ from keytab
-- execute: Updating all entries for computer account OPNSENSE-K$ in the keytab WRFILE:/usr/local/etc/squid/squid.keytab
-- update_keytab: Updating all entries for OPNSENSE-K$
-- add_principal_keytab: Adding principal to keytab: OPNSENSE-K$
-- get_salt: Using salt of PROXY.ASIRhostopnsense-k.proxy.asir
-- add_principal_keytab: Adding entry of enctype 0x17
Error: krb5_kt_add_entry failed failed (Unsupported key table format version number)