On 09/16/09 07:20 PM, Henry B. Hotz wrote: > I admit my motivation is from Solaris 10 experiences. Hope I'm not too > off-topic. > > I have three "example" machines that interact with a Heimdal kdc very > differently. Two of them should be identical: Jumpstarted at the same > time, and have the same krb5.conf. No differences I've seen in the SMF > configuration, though I haven't done a global compare. They both > "work", but one of them always spits out e.g.: > > % kdestroy > localhost: RPC: Rpcbind failure - RPC: Success > > while the other is silent (as expected). >
Whats the state of svc:/network/security/ktkt_warn on those machines? > A third machine won't do timestamp pre-auth. It sends an AS-REQ, gets > the pre-auth-required response, and just quits. (It works fine if I > point it at a KDC that doesn't require pre-auth.) Does truss tell you anything? -M
