Thanks Ken (I actually thought that only kvno was changed during ktadd). I have just tried the addent subcommand of ktutil, and it did the job.
Regards - Andrei. On 10/17/06, Ken Hornstein (Contractor) <[EMAIL PROTECTED]> wrote: > > > - After the ktadd operation, the data base however contains: > > > > Number of keys: 1 > > Key: vno 35, DES cbc mode with CRC-32, no salt > > > > And, obviously, klog cannot work anymore. The cpw operation > > resolves this (recreates 3 keys), but then the previously > > added keytab is no longer valid. > > You're focusing on the wrong thing here. The number of keytypes is > really immaterial. > > When you use ktadd, a new _key_ is being created. This means that the > user's password is being changed at the same time (well, when you use > ktadd, there's no guarantee that you will end up with a key which > necessarily corresponds to a password). When you do a ktadd, you're > doing an implicit "cpw -randkey". > > What you might want to do is use ktutil to create a keytab which > corresponds > to the password you want to use for that account (look at "addent" inside > of ktutil). > > --Ken > ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
