[Pkg-samba-maint] Bug#566977: Bug#566977: Acknowledgement (samba-common-bin: 'net ads join' fails against Windows 2003 domain with 'Program lacks support for encryption type')

Etienne Goyer etienne.goyer at canonical.com
Wed Jan 27 07:47:05 UTC 2010


Steve Langasek wrote:
> On Tue, Jan 26, 2010 at 11:00:28AM -0500, Etienne Goyer wrote:
>> That sounds like a regression to me, if previously working setup are
>> broken on update.  Is there any way the behavior could be reversed to be
>> backward-compatible?
> 
> It's a deliberate behavior change to disable weak encryption types by
> default, so the only things broken are those that depend on weak encryption
> types.  You're welcome to try to persuade the Kerberos guys to revert
> this...

I do not see the point in trying; they must be aware of the consequence
of that behavior change already.  That being said, from the distribution
point of view, would it be appropriate to take measure to ensure the
user base is not left to figure out why their Kerberos authentication is
broken on update by themselves?





More information about the Pkg-samba-maint mailing list