Hi, I'm not shure what is going wrong. The only problem that I can see from your mail is the error message "Message stream modified ..." during password change. When the password change fails it is obvious that the old password is still valid and you need to enter the old password at login.
If that failing password change is the main problem you should send your krb5.conf (from client and kdc) and kdc.conf and the version of MIT kerberos you are using (client version and kdc version). Perhaps someone on this list can help you ... BTW.: the krb5.conf file https://docs.zoho.com/writer/published.do?rid=cm31c4c4612d8314e49839a087e8a4afc2059 does not help reproducing your problem because it is syntacticly incorrect. Regards, Mark > > I am waiting for your response. Please clarify , what am i doing wrong?. > > Thank You, > > Bharathikannan R > > > On Tue, Jun 4, 2013 at 10:13 AM, kannan rbk <[email protected] > <mailto:[email protected]>> wrote: > > HI Mark, > > Do you need any other information? > > Thank You , > > Bharathikannan R > > > On Mon, Jun 3, 2013 at 3:57 PM, kannan rbk <[email protected] > <mailto:[email protected]>> wrote: > > Hi Mark, > > Inline image 2 > > > KDC Host - kdc-zmedia-server > > This is my design layout. I integrated my client machines login > with pam.d and krb5. Now , I am able to login with kerberos > credentials from my client machines. But, If I change my > password using "kpasswd" from client machine , it says "Message > stream modified changing password". > > > $zmedia-bharathi# kpasswd > Password for [email protected] > <mailto:[email protected]> > Enter new password: > Enter it again: > kpasswd: Message stream modified changing password > > *kdc.log * > > Jun 03 15:11:33 zmedia-bharathi krb5kdc[10489](info): AS_REQ (4 > etypes {18 17 16 23}) 192.168.15.201 <http://192.168.15.201>: > NEEDED_PREAUTH: [email protected] > <mailto:[email protected]> for > kadmin/[email protected] > <mailto:[email protected]>, Additional > pre-authentication required > > Jun 03 15:11:33 zmedia-bharathi krb5kdc[10489](info): AS_REQ (4 > etypes {18 17 16 23}) 192.168.15.201 <http://192.168.15.201>: > NEEDED_PREAUTH: [email protected] > <mailto:[email protected]> for > kadmin/[email protected] > <mailto:[email protected]>, Additional > pre-authentication required > > Jun 03 15:11:36 zmedia-bharathi krb5kdc[10489](info): AS_REQ (4 > etypes {18 17 16 23}) 192.168.15.201 <http://192.168.15.201>: > ISSUE: authtime 1370252496, etypes {rep=18 tkt=18 ses=18}, > [email protected] > <mailto:[email protected]> for > kadmin/[email protected] > <mailto:[email protected]> > > > *krb5.conf* > * > * > > https://docs.zoho.com/writer/published.do?rid=cm31c4c4612d8314e49839a087e8a4afc2059 > * > > > > * > When I am changing my password from my client machines using > "kpasswd" , I am receiving request to kdc server from my client > machine and the kpasswd command was successful too. But the > password was not changed. I tested with "kinit" , It is working > with old password. > > Regards , > > Bharathikannan R > > > > > > On Fri, May 31, 2013 at 11:13 PM, Mark Pröhl <[email protected] > <mailto:[email protected]>> wrote: > > Hi, > > > > On 30.05.2013 09:58, kannan rbk wrote: > > I changed password using kpasswd but the existing ticket > cache is not > cleared. > > > why do you expect the ticket cache to be cleared when you > change the password? > > > After changed the password I able to login with existing > password > till the existing ticket expiry time. > > > Can you describe the login process a little bit more (e.g. > do you have to enter the password during login)? > > Regards, > > Mark > > -- > Mark Pröhl > [email protected] <mailto:[email protected]> > www.kerberos-buch.de <http://www.kerberos-buch.de> > > > > > -- > Regards, > > Bharathikannan R > > > > > -- > Regards, > > Bharathikannan R > > > > > -- > Regards, > > Bharathikannan R ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
