thank you. I made the changes you told me but still not working. my kinit doesn't work
# kinit [email protected] kinit(v5): Client or server has a null key while getting initial credentials tail -f /var/lib/apacheds-1.5.7/default/log/apacheds-rolling.log [10:15:29] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Session will use encryption type des-cbc-md5 (3). [10:15:29] DEBUG [org.apache.directory.server.kerberos.shared.store.operations.StoreUtils] - Found entry ServerEntry dn[n]: uid=hnelson,ou=Users,dc=example,dc=com objectClass: organizationalPerson objectClass: person objectClass: krb5Principal objectClass: inetOrgPerson objectClass: krb5KDCEntry objectClass: top uid: hnelson sn: Nelson krb5PrincipalName: [email protected] krb5KeyVersionNumber: 0 cn: Horatio Nelson userPassword: '0x73 0x65 0x63 0x72 0x65 0x74 ' for kerberos principal name [email protected] [10:15:29] WARN [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - The client or server has a null key (9) org.apache.directory.server.kerberos.shared.exceptions.KerberosException: The client or server has a null key at org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService.getEntry(AuthenticationService.java:758) at org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService.getClientEntry(AuthenticationService.java:153) at org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService.execute(AuthenticationService.java:104) at org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler.messageReceived(KerberosProtocolHandler.java:145) at org.apache.mina.core.filterchain.DefaultIoFilterChain $TailFilter.messageReceived(DefaultIoFilterChain.java:713) at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:434) at org.apache.mina.core.filterchain.DefaultIoFilterChain.access $1200(DefaultIoFilterChain.java:46) at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl $1.messageReceived(DefaultIoFilterChain.java:793) at org.apache.mina.filter.codec.ProtocolCodecFilter $ProtocolDecoderOutputImpl.flush(ProtocolCodecFilter.java:375) at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:229) at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:434) at org.apache.mina.core.filterchain.DefaultIoFilterChain.access $1200(DefaultIoFilterChain.java:46) at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl $1.messageReceived(DefaultIoFilterChain.java:793) at org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:119) at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:434) at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:426) at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.readHandle(AbstractPollingConnectionlessIoAcceptor.java:436) at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.processReadySessions(AbstractPollingConnectionlessIoAcceptor.java:407) at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.access$600(AbstractPollingConnectionlessIoAcceptor.java:56) at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor $Acceptor.run(AbstractPollingConnectionlessIoAcceptor.java:360) at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64) at java.util.concurrent.ThreadPoolExecutor $Worker.runTask(ThreadPoolExecutor.java:886) at java.util.concurrent.ThreadPoolExecutor $Worker.run(ThreadPoolExecutor.java:908) at java.lang.Thread.run(Thread.java:619) [10:15:29] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - Responding to request with error: explanatory text: The client or server has a null key error code: 9 clientPrincipal: null client time: null serverPrincipal: krbtgt/[email protected] server time: 20100625081529Z [10:15:29] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /127.0.0.1:55815 SENT: org.apache.directory.server.kerberos.shared.messages.errormess...@63fb050c [10:16:29] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /127.0.0.1:55815 CLOSED to try authentication i used the principal [email protected] with password secret as explained in the advanced user guide. i face a problem before this step i was not able to run kinit for [email protected] as explained before (kinit [email protected] kinit(v5): Client or server has a null key while getting initial credentials). LDAP entry in LDIF format (i followed the official documentation given i the web site advanced user guide): # ldapsearch -b "uid=hnelson,ou=Users,dc=example,dc=com" -LLL -x dn: uid=hnelson,ou=Users,dc=example,dc=com uid: hnelson sn: Nelson krb5PrincipalName: [email protected] objectClass: organizationalPerson objectClass: person objectClass: krb5Principal objectClass: inetOrgPerson objectClass: krb5KDCEntry objectClass: top krb5KeyVersionNumber: 0 cn: Horatio Nelson userPassword:: c2VjcmV0 the file i used to populate my directory is the kdc-data.ldif given in the web site. hope that's what you asked me for. thank you.
