On Tue, Mar 15, 2011 at 11:21:28AM -0400, Greg Hudson wrote: > There are two steps involved in changing a Kerberos password. First, > you request a kadmin/changepw ticket from the KDC using your old > password; then, you send your new password to the kpasswd service, > authenticated with the kadmin/changepw ticket. > > Based on your KDC logs, the first step is succeeding--at least, from the > KDC's point of view. The second step is not, suggesting that the client > has the wrong information for the kpasswd service, or that kadmind isn't > running (the kpasswd service is normally implemented as part of > kadmind).
And also: I believe that the kadmin service can't be located from DNS information (not yet anyway). You have to configure it explicitly in /etc/krb5.conf ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
