Hi all, I am having trouble with the configuration of apcheDS kdcServer configuration. I am using apacheDS 1.5.7 from tar.gz archive and running on Mac OS X. My java version "1.7.0_05" 64 bits
I have successfully started the server and kdcServer is up and running. I have configured the partition and set up one user. The krb5key was generated since I enable the keyDerivation interceptor. The problem comes when I use kinit: $ kinit ifr...@hadoop.lan ifr...@hadoop.lan's Password: kinit: krb5_get_init_creds: KDC has no support for encryption type Any help would be much appreciated. Thanks in advance Ivan I switched on DEBUG LOG LEVEL for kdc server and here is the log: [10:24:29] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - / 192.168.198.1:59026 CREATED: datagram [10:24:29] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - / 192.168.198.1:59026 OPENED [10:24:29] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - / 192.168.198.1:59026 RCVD: org.apache.directory.server.kerberos.shared.messages.KdcRequest@2a48a09f [10:24:29] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Received Authentication Service (AS) request: messageType: AS_REQ protocolVersionNumber: 5 clientAddress: 192.168.198.1 nonce: 850330990 kdcOptions: FORWARDABLE clientPrincipal: ifr...@hadoop.lan serverPrincipal: krbtgt/hadoop....@hadoop.lan encryptionType: aes256-cts-hmac-sha1-96 (18), rc4-hmac (23), aes128-cts-hmac-sha1-96 (17), des3-cbc-sha1-kd (16) realm: HADOOP.LAN from time: null till time: 20120830182417Z renew-till time: null hostAddresses: null [10:24:29] DEBUG [org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService] - Session will use encryption type null. [10:24:29] WARN [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - KDC has no support for encryption type (14) org.apache.directory.server.kerberos.shared.exceptions.KerberosException: KDC has no support for encryption type at org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService.selectEncryptionType(AuthenticationService.java:141) at org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService.execute(AuthenticationService.java:103) at org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler.messageReceived(KerberosProtocolHandler.java:145) at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:713) at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:434) at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:46) at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:793) at org.apache.mina.filter.codec.ProtocolCodecFilter$ProtocolDecoderOutputImpl.flush(ProtocolCodecFilter.java:375) at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:229) at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:434) at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:46) at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:793) at org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:119) at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:434) at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:426) at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.readHandle(AbstractPollingConnectionlessIoAcceptor.java:436) at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.processReadySessions(AbstractPollingConnectionlessIoAcceptor.java:407) at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.access$600(AbstractPollingConnectionlessIoAcceptor.java:56) at org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor$Acceptor.run(AbstractPollingConnectionlessIoAcceptor.java:360) at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) at java.lang.Thread.run(Thread.java:722) [10:24:29] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - Responding to request with error: explanatory text: KDC has no support for encryption type error code: 14 clientPrincipal: null client time: null serverPrincipal: krbtgt/example....@example.com server time: 20120830082429Z [10:24:29] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - / 192.168.198.1:59026 SENT: org.apache.directory.server.kerberos.shared.messages.ErrorMessage@4fa7b2bf [10:25:29] DEBUG [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - / 192.168.198.1:59026 CLOSED -- Ivan Frain 11, route de Grenade 31530 Saint-Paul-sur-Save mobile: +33 (0)6 52 52 47 07
