Dmitry Krasov via FreeIPA-users wrote: > Hi Florence. > As far as I understand, it's all because the keytab file become bad in some > time. > > 1. Why it's so? > 2. I know how to fix file manually, but how can I check it in script "if file > become bad"?
What makes you think the keytab is bad? A simple way to validate a keytab is to compare the version number to the one the KDC has. $ kinit admin $ kvno host/<client host name> # klist -kt /etc/krb5.keytab Compare the version numbers. It's ok for the keytab to have multiple versions but one has to match what the KDC version number is. ro -- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
