Manualshelf

HP CIFS Server and Kerberos

ManualsBrandsHP ManualsSoftwareHP-UX Common Internet File System (CIFS) Client/Server Software
919293949596979899100
95
8.1.6 Windows Event Logger
The Windows KDC event logger can be useful just to validate that the client is requesting tickets for
the HP CIFS Server service.
To enable Security event logging on a KDC, read the instructions at:
http://support.microsoft.com/default.aspx?scid=kb;en-us;300549&sd=tech
The ticket encryption type will usually be 0x3 – MD5, assuming that the krb5.conf file is confgired for
MD5.. If the enctype is not 0x3, then there may be a problem with the userAccountControl attribute
on the CIFS Server Computer container. See the “Joining Domain” topic.
8.1.7 Wireshark
Wireshark is probably the most powerful tool for troubleshooting Kerberos, which should be apparent
from the numerous traces shown in the body of this paper. Wireshark is especially useful to display
exactly what the Kerberos data is that is passed between the HP CIFS Server, client, and KDC. Of
course, the encrypted keys themselves are not displayed.