[OpenAFS] Re: SuSe 9.0 &Heimdal.6
ted creedon
tcreedon@easystreet.com
Fri, 26 Dec 2003 14:58:05 -0800
I have no problem with anything that would help. Send it.
Ted
-----Original Message-----
From: openafs-info-admin@openafs.org =
[mailto:openafs-info-admin@openafs.org]
On Behalf Of Derrick J Brashear
Sent: Friday, December 26, 2003 2:48 PM
To: openafs-info@openafs.org
Subject: RE: [OpenAFS] Re: SuSe 9.0 &Heimdal.6
On Fri, 26 Dec 2003, ted creedon wrote:
> I'm still getting "not authorized" errors and I have the following =
data:
>
> packet #3 is type kvno: 213 indicating that use_2b is being used (set =
in
> krb5.conf) as is 524 conversion.
correct. 255 - 0x2b is 213, fwiw.
> My understanding is that use_2b always sends a packet kvno 213 back. =
This
> seems to conflict with the key version numbers shown below.
it will, the "real" kvno will be in the encrypted part of the packet.
> It there a problem with the admin kdc account having des3-cbc-sha1 =
keys or
> afs not having a kvno of 213?
afs not having a 213 kvno: that's usual
admin kdc account: unsure. i don't think so, but there may be a policy
implication i'm forgetting.
> Does anyone have any suggestions?
you're using heimdal, yes? are you willing to try the recipe i have to
setting up the kaserver and converting that database for use with the
heimdal kdc?
_______________________________________________
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info