Again, pardon the Kerberos/OpenAFS dual nature of this request.
I am posting here because it certainly seems related to the
conversion and I'd eventually like to document every hurdle
of this ping-pong bout.
I dumped kaserver.DB0, removed the AuthServer, afs, and
krbtgt principals at the top of the file, and loaded it
into my KDC.
I confirmed the new principals' existence via listprincs.
I am no longer able to authenticate as jblaine:
kadmin.local: getprinc jblaine
Principal: [EMAIL PROTECTED]
Expiration date: Wed Dec 30 19:00:00 EST 2037
Last password change: [never]
Password expiration date: [none]
Maximum ticket life: 14 days 00:00:00
Maximum renewable life: 7 days 00:00:00
Last modified: Mon Oct 29 12:37:53 EDT 2007 ([EMAIL PROTECTED])
Last successful authentication: [never]
Last failed authentication: [never]
Failed password attempts: 0
Number of keys: 1
Key: vno 5, DES cbc mode with CRC-32, AFS version 3
Attributes:
Policy: [none]
jblaine% /usr/kerberos/bin/kinit
kinit(v5): Password incorrect while getting initial credentials
jblaine%
Oct 29 12:58:13 silmaril krb5kdc[13245](info): AS_REQ (7 etypes {18 17
16 23 1 3 2}) xxx.xx.11.213: DECRYPT_CLIENT_KEY: [EMAIL PROTECTED] for
krbtgt/[EMAIL PROTECTED], Decrypt integrity check failed
_______________________________________________
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info
