I'm going to make a guess, because you didn't include the packets between KRB5KDC_ERR_KEY_EXP and KRB5KDC_ERR_PREAUTH_REQUIRED. I suspect that what happened is that AD returned the correct error that the key was expired, and the MIT libraries then went and tried to acquire a password-change token with the original password you presented. If that password was not valid, it throws an error.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/915386 Title: SSSD/AD 2008 and Password Change To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/915386/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
