Thanks for your quick answer !
I switched to ApacheDS 2.0.0.M7
My first try also gave me the same answer on my kinit request.
But I have changed my krb5.conf (see below) to allow weak type
(des-cbc-md5) thus the encryption type is supported now.
And finally I was able to authenticate. Great !
However I have still the problem for strong type like aes256. Do you have
any idea ?
It is not mandatory for me at the moment but it could be great if I
understand what's happening in that case.
Thanks for your support.
BR,
Ivan
---- krb5.conf ----
[libdefaults]
default_realm = HADOOP.LAN
allow_weak_crypto = true
default_tkt_enctypes = des-cbc-md5 des-cbc-crc des3-cbc-sha1
default_tgs_enctypes = des-cbc-md5 des-cbc-crc des3-cbc-sha1
permitted_enctypes = des-cbc-md5 des-cbc-crc des3-cbc-sha1
[realms]
HADOOP.LAN = {
kdc = mac.hadoop.lan:60088
}
[domain_realm]
.hadoop.lan = HADOOP.LAN
hadoop.lan = HADOOP.LAN
2012/8/30 Emmanuel Lécharny <[email protected]>
> Le 8/30/12 10:31 AM, Ivan Frain a écrit :
>
> Hi all,
>>
>> I am having trouble with the configuration of apcheDS kdcServer
>> configuration.
>> I am using apacheDS 1.5.7 from tar.gz archive and running on Mac OS X.
>> My java version "1.7.0_05" 64 bits
>>
>> I have successfully started the server and kdcServer is up and running.
>> I have configured the partition and set up one user. The krb5key was
>> generated since I enable the keyDerivation interceptor.
>>
>> The problem comes when I use kinit:
>>
>> $ kinit [email protected]
>> [email protected]'s Password:
>> kinit: krb5_get_init_creds: KDC has no support for encryption type
>>
>>
>> Any help would be much appreciated.
>>
>
> Have you tried with the latest version, 2.0.0-M7 ?
>
> We have fixed *many* issues since 1.5.7, including kerberos bugs...
>
>
> --
> Regards,
> Cordialement,
> Emmanuel Lécharny
> www.iktek.com
>
>
--
Ivan Frain
11, route de Grenade
31530 Saint-Paul-sur-Save
mobile: +33 (0)6 52 52 47 07
