[OpenAFS] bos status reports wrong key version number
Christopher Mason
Mason.Christopher@mayo.edu
Mon, 25 Jun 2007 23:50:48 -0500
Derrick J Brashear wrote:
> which were what types?
3 afs/mprc.mayo.edu@MFAD.MFROOT.ORG (DES cbc mode with CRC-32)
3 afs/mprc.mayo.edu@MFAD.MFROOT.ORG (DES cbc mode with RSA-MD5)
3 afs/mprc.mayo.edu@MFAD.MFROOT.ORG (ArcFour with HMAC/md5)
> the right answer is not to delete them from the keytab. it's to delete
> them from the kdc.
I'm just not sure how to do this.
I'm trying msktutil now but it's giving:
[root@mprcafs01 msktutil-0.3.16]# ./msktutil --server
mfadir04.mfad.mfroot.org --update -h mprafs01.mayo.edu
Error: ldap_set_option failed (Unknown authentication method)
Error: ldap_connect failed
I guess I'll try ktpass.exe next. Do I have to create a new user
account or can I use an existing machine account created by samba?
Obviously, I'll whack it and re-create it before using ktpass.exe.
Thanks,
-c
oot@mprcafs01 msktutil-0.3.16]# rpm -qa | grep sasl
cyrus-sasl-lib-2.1.22-4
cyrus-sasl-plain-2.1.22-4
cyrus-sasl-2.1.22-4
cyrus-sasl-devel-2.1.22-4
cyrus-sasl-lib-2.1.22-4
[root@mprcafs01 msktutil-0.3.16]# rpm -qa | grep openldap
openldap-2.3.30-2.fc6
openldap-devel-2.3.30-2.fc6
openldap-2.3.30-2.fc6
openldap-devel-2.3.30-2.fc6