HP CIFS Server and Kerberos
43
The client user buffy maps her home drive on the HP CIFS Server (samba) share. In this case, the
service ticket that is requested from the Windows 2000 KDC is encrypted in DES-CBC-MD5. This
ticket will be presented by the client to the HP CIFS Server during the SMB session setup to request
access to the share. The user buffy is authenticated to the Windows 2000 domain using RC4-HMAC
encryption. This is the expected behavior.
Windows XP SP1 client presents service ticket for \\atcux5\buffy to the HP CIFS Server (Samba).
Command: none.
The client presents the service ticket (acquired in the transaction with the KDC that is displayed on the
previous page) to the HP CIFS Server (Samba). The service ticket for \\ATCUX5\BUFFY (see the
Wireshark trace record 3855) is encrypted with DES-CBC-MD5.
The HP CIFS Server log entry is (grep crypt log.netbiosname):
ads_secrets_verify_ticket: enc type [18] failed to decrypt with error Bad encryption type
ads_secrets_verify_ticket: enc type [17] failed to decrypt with error Bad encryption type
ads_secrets_verify_ticket: enc type [16] failed to decrypt with error Bad encryption type
ads_secrets_verify_ticket: enc type [23] failed to decrypt with error Bad encryption type
ads_secrets_verify_ticket: enc type [1] failed to decrypt with error Bad encryption type
ads_secrets_verify_ticket: enc type [3] decrypted message !