]
This is the step I am unsure of, but I believe it indicates that the
keytab also has a KVNO of 3. Is this correct?
Also, for each creation of the keytab I am deleting the system user and
service principal first before creation. Should this not reset the kvno
back to the initial value?
Thanks,
David
David Telfer wrote:
To determine the keytab kvno;
# /usr/local/sbin/ktutil
ktutil: rkt /etc/krb5.keytab
ktutil: list
slot KVNO Principal
-
13 HTTP/[EMAIL PROTECTED]
This is the step I am unsure
Jeffrey Altman wrote:
Why do you need the kvno to be 1?
It wasn't so much that they needed to match, more to tidy up the situation I
had on the KDC.
For example, what is the enctype of the service ticket issued by the
KDC? Does that match the enctype of the keytab entry you are using?
On 3/23/06, Douglas E. Engert [EMAIL PROTECTED] wrote:
They could look at the userAccountControl field of the account which shows
an an integer. Convert it to hex and look for the DesOnly bit0x20
See http://support.microsoft.com/default.aspx?scid=kb;en-us;305144
You as a user might be
to this? I have to assume
there is a problem with the keytab but I'm at a loss as to what the
problem could be.
David Telfer
[EMAIL PROTECTED]
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
.
Thanks,
David Telfer
[EMAIL PROTECTED]
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos