>From what I read with Win-2003 SP1 KDC you can force the encryption type
to be something that AFS can use. i.e cbc-crc cbc-md5
I have tried all the following without success in krb5.conf
default_tkt_enctypes = des-cbc-crc,des-cbc-md5
default_tgs_enctypes = des-cbc-crc,des-cbc-md5
default_etypes = des-cbc-crc,des-cbc-md5
default_etypes_des = des-cbc-crc,des-cbc-md5
permitted_enctypes =des-cbc-crc des-cbc-md5 des-cbc-crc
I can force the skey part of the Etype to be CRC by the looks of it but
I still end up with ArcFour MD5 in the second part.
-bash-2.05b# klist -e -f
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: [EMAIL PROTECTED]
Valid starting Expires Service principal
08/24/05 13:15:23 08/24/05 23:15:23 krbtgt/[EMAIL PROTECTED]
Flags: IA, Etype (skey, tkt): DES cbc mode with CRC-32, ArcFour
with HMAC/md5
08/24/05 13:16:11 08/24/05 23:15:23 afs/[EMAIL PROTECTED]
Flags: A, Etype (skey, tkt): DES cbc mode with CRC-32, DES cbc
mode with RSA-MD5
Am I missing something here ? I am guessing that this is not working
because of the encryption type and not something else I am doing wrong
Regards
Adam....
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
