Mike Friedman <mi...@berkeley.edu> writes: > But the fact that kinit seems to be acting the same way would appear to be > the significant point.
Yes. > Here's what getprinc shows: > > kadmin.local: getprinc mikef > Principal: mi...@berkeley.edu > Expiration date: [never] > Last password change: Tue Jan 27 14:41:56 PST 2009 > Password expiration date: Wed Jan 28 11:00:16 PST 2009 > Maximum ticket life: 0 days 10:00:00 > Maximum renewable life: 7 days 00:00:00 > Last modified: Thu Jan 29 11:00:16 PST 2009 (root/ad...@berkeley.edu) > Last successful authentication: [never] > Last failed authentication: [never] > Failed password attempts: 0 > Number of keys: 4 > Key: vno 1, AES-256 CTS mode with 96-bit SHA-1 HMAC, no salt > Key: vno 1, Triple DES cbc mode with HMAC/sha1, no salt > Key: vno 1, ArcFour with HMAC/md5, no salt > Key: vno 1, DES cbc mode with CRC-32, no salt > Attributes: REQUIRES_PRE_AUTH > Policy: [none] Do you get this sort of mismatched error code for a client principal that does not have REQUIRES_PRE_AUTH set? ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos