[OpenAFS] Active Directory 2003, kerberos 5, openAFS - rxkad error=19270407, arghhhh

Lönroth Erik erik.lonroth@scania.com
Thu, 4 Jan 2007 13:53:58 +0100 

This is a multi-part message in MIME format.

------_=_NextPart_001_01C72FFF.663CFB46
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Indeed our AD is 2003 SP1 and I assume "ktpass.exe" is the one that =
comes with it.

I compared the keys generated:

[root@vmware01 ~]# klist -k keytab.file-ktpass -t -K
Keytab name: FILE:keytab.file-ktpass=20
KVNO Timestamp         Principal
---- ----------------- =
--------------------------------------------------------
   9 01/01/70 01:00:00 afs/sss.se.scania.com@LAB.SCANIA.COM =
(0xbff2e56b29943d3e)


[root@vmware01 ~]# klist -k keytab.file-kutil -t -K
Keytab name: FILE:keytab.file-kutil
KVNO Timestamp         Principal
---- ----------------- =
--------------------------------------------------------
   9 01/03/07 15:01:32 afs/sss.se.scania.com@LAB.SCANIA.COM =
(0x9e19640df73d19d5)


Obvously some difference...

Thanx alot for your help on this ! We were getting desperate on this =
over here!

We will make sure to change "ktpass" for a "non-bogus one" and continue =
our work with openAFS. Also good to know we can generate keyfiles =
natively and get it to work.=20

/Erik Lonroth

P.S. We have changed our key after posting it in the forum ;)


-----Original Message-----
From: openafs-info-admin@openafs.org on behalf of Jeffrey Altman
Sent: Wed 1/3/2007 5:26 PM
To: Derrick J Brashear
Cc: openafs-info@openafs.org
Subject: Re: [OpenAFS] Active Directory 2003, kerberos 5, openAFS - =
rxkad error=3D19270407, arghhhh
=20
Derrick J Brashear wrote:

> When I was preparing my slides I had this error, and then I took a
> package from Jeff Altman with ktpass; then ktpass worked, but I =
assumed
> I had changed something else.

Right.  What version of ktpass are you using?  There was a bug in one
version.  The one that came with 2003 SP1 perhaps?






------_=_NextPart_001_01C72FFF.663CFB46
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Diso-8859-1">
<META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version =
6.5.7650.28">
<TITLE>RE: [OpenAFS] Active Directory 2003, kerberos 5, openAFS - rxkad =
error=3D19270407, arghhhh</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/plain format -->

<P><FONT SIZE=3D2>Indeed our AD is 2003 SP1 and I assume =
&quot;ktpass.exe&quot; is the one that comes with it.<BR>
<BR>
I compared the keys generated:<BR>
<BR>
[root@vmware01 ~]# klist -k keytab.file-ktpass -t -K<BR>
Keytab name: <A =
HREF=3D"FILE:keytab.file-ktpass">FILE:keytab.file-ktpass</A><BR>
KVNO Timestamp&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
Principal<BR>
---- ----------------- =
--------------------------------------------------------<BR>
&nbsp;&nbsp; 9 01/01/70 01:00:00 afs/sss.se.scania.com@LAB.SCANIA.COM =
(0xbff2e56b29943d3e)<BR>
<BR>
<BR>
[root@vmware01 ~]# klist -k keytab.file-kutil -t -K<BR>
Keytab name: <A =
HREF=3D"FILE:keytab.file-kutil">FILE:keytab.file-kutil</A><BR>
KVNO Timestamp&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
Principal<BR>
---- ----------------- =
--------------------------------------------------------<BR>
&nbsp;&nbsp; 9 01/03/07 15:01:32 afs/sss.se.scania.com@LAB.SCANIA.COM =
(0x9e19640df73d19d5)<BR>
<BR>
<BR>
Obvously some difference...<BR>
<BR>
Thanx alot for your help on this ! We were getting desperate on this =
over here!<BR>
<BR>
We will make sure to change &quot;ktpass&quot; for a &quot;non-bogus =
one&quot; and continue our work with openAFS. Also good to know we can =
generate keyfiles natively and get it to work.<BR>
<BR>
/Erik Lonroth<BR>
<BR>
P.S. We have changed our key after posting it in the forum ;)<BR>
<BR>
<BR>
-----Original Message-----<BR>
From: openafs-info-admin@openafs.org on behalf of Jeffrey Altman<BR>
Sent: Wed 1/3/2007 5:26 PM<BR>
To: Derrick J Brashear<BR>
Cc: openafs-info@openafs.org<BR>
Subject: Re: [OpenAFS] Active Directory 2003, kerberos 5, openAFS - =
rxkad error=3D19270407, arghhhh<BR>
<BR>
Derrick J Brashear wrote:<BR>
<BR>
&gt; When I was preparing my slides I had this error, and then I took =
a<BR>
&gt; package from Jeff Altman with ktpass; then ktpass worked, but I =
assumed<BR>
&gt; I had changed something else.<BR>
<BR>
Right.&nbsp; What version of ktpass are you using?&nbsp; There was a bug =
in one<BR>
version.&nbsp; The one that came with 2003 SP1 perhaps?<BR>
<BR>
<BR>
<BR>
<BR>
<BR>
</FONT>
</P>

</BODY>
</HTML>
------_=_NextPart_001_01C72FFF.663CFB46--