This worked 100% and fixed the problem! >Co-worker Shawn Emery wrote the following when dealing with a similar >problem: > > One thing I noticed from the error message was that the "New > password cannot be zero length" is mapped to the > KRB5_KT_KVNONOTFOUND error return value. Which means that the keys > for host/vbi.nm.nh.bar in their /etc/krb5/krb5.keytab file does not > match those that are found in AD. Check to make sure that the > Windows ktpass executable is not pre-w2k3, there is a known issue > with it that always sets the key version numbers (kvno) to 1, while > the w2k3+ AD server now enforces correct kvnos. > >-- >Will Fiveash >Sun Microsystems Inc. >Austin, TX, USA (TZ=CST6CDT)
________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos