I would like to add that I am using java version "1.7.0_09-icedtea" OpenJDK Runtime Environment (rhel-2.3.8.0.el6_4-x86_64) OpenJDK 64-Bit Server VM (build 23.7-b01, mixed mode)
-----Original Message----- From: users-return-5220-James.C.Wu=disney....@directory.apache.org [mailto:users-return-5220-James.C.Wu=disney....@directory.apache.org] On Behalf Of Wu, James C. Sent: Friday, April 05, 2013 5:25 PM To: users@directory.apache.org Subject: kinit failed on - Integrity check on decrypted field failed Hi, I am trying to set up ApacheDS as a KDC. After adding hnelson using the following ldif, I could not get kinit to get the ticket dn: uid=hnelson,ou=users,dc=example,dc=com objectclass: top objectclass: person objectclass: inetOrgPerson objectclass: krb5Principal objectclass: krb5KDCEntry cn: Horatio Nelson sn: Nelson uid: hnelson userpassword: secret krb5PrincipalName: hnel...@example.com<mailto:hnel...@example.com> The log output of ApacheDS show the following output: [cloud-user@n7-z01-0a2a0c3a ~]$ [17:15:57] ERROR [org.apache.directory.server.KERBEROS_LOG] - No timestamp found [17:15:57] WARN [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - Additional pre-authentication required (25) [17:15:57] WARN [org.apache.directory.server.KERBEROS_LOG] - Additional pre-authentication required (25) [17:16:00] WARN [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - Integrity check on decrypted field failed (31) [17:16:00] WARN [org.apache.directory.server.KERBEROS_LOG] - Integrity check on decrypted field failed (31) Could someone give me some hint? james