Again, pardon the Kerberos/OpenAFS dual nature of this request. I am posting here because it certainly seems related to the conversion and I'd eventually like to document every hurdle of this ping-pong bout.
I dumped kaserver.DB0, removed the AuthServer, afs, and krbtgt principals at the top of the file, and loaded it into my KDC. I confirmed the new principals' existence via listprincs. I am no longer able to authenticate as jblaine: kadmin.local: getprinc jblaine Principal: [EMAIL PROTECTED] Expiration date: Wed Dec 30 19:00:00 EST 2037 Last password change: [never] Password expiration date: [none] Maximum ticket life: 14 days 00:00:00 Maximum renewable life: 7 days 00:00:00 Last modified: Mon Oct 29 12:37:53 EDT 2007 ([EMAIL PROTECTED]) Last successful authentication: [never] Last failed authentication: [never] Failed password attempts: 0 Number of keys: 1 Key: vno 5, DES cbc mode with CRC-32, AFS version 3 Attributes: Policy: [none] jblaine% /usr/kerberos/bin/kinit kinit(v5): Password incorrect while getting initial credentials jblaine% Oct 29 12:58:13 silmaril krb5kdc[13245](info): AS_REQ (7 etypes {18 17 16 23 1 3 2}) xxx.xx.11.213: DECRYPT_CLIENT_KEY: [EMAIL PROTECTED] for krbtgt/[EMAIL PROTECTED], Decrypt integrity check failed _______________________________________________ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info