On Feb 18, 8:01 am, "Kevin Coffman" <[EMAIL PROTECTED]> wrote: > On Feb 17, 2008 10:10 PM, <[EMAIL PROTECTED]> wrote: > > > > > Hello, > > > I am receiving a "kint(v5): Password incorrect while getting initial > > credentials" error after entering a password in response to a prompt > > following a kinit command (kinit user/[EMAIL PROTECTED]). I know > > that I am entering the correct password. The database seems to be > > fine; I can get a ticket as root through: > > kinit -k -t /etc/krb5.keytab user/[EMAIL PROTECTED] > > > I am wondering if this could have anything to do with a > > preauthentication requirement. My KDC.conf has a default principal > > flag of +preauth. > > > Does this flag require any preliminary steps to authenticate before > > (or during) kinit? > > > May there be anything else that I am missing? > > > Thanks a lot. > > If 'user/[EMAIL PROTECTED]' is the same in both cases, the reason you > can't authenticate with a password is because you created the keytab. > The act of creating a keytab causes a new random key to be generated > and placed in the Kerberos database and into the keytab. There is no > password associated with that key and you will only be able to > authenticate as that principal using the keytab. > > If you want to authenticate with a password, do a "cpw" in kadmin for > the principal (and do not do a "ktadd").
C'est magnifique! Thanks, that's just what I needed. Angus ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
