[OpenAFS] Kerberos5 and afs
Thu, 15 Nov 2007 16:45:41 -0500
Forgive the slightly off topic post but I think it applies here as well
on the kerberos list
Several years ago we moved to MIT kerberos 5. At the time I set the
master key in the kdc.conf to:
master_key_type = des-cbc-crc
I did this to allow transfer of principals from our old kaserver to the
Now we are trying to get Windows 2003 AD to auth against our Kerberos
server and it seems that it will not work with our kdc as it is configured.
My question is am I screwed here or just missing something easy? I have
tried multiple allowed enctypes and still no luck.
If I build a kdc without specifying a master key it seems to work.
Have any others done this same thing?
Network Storage & Printing
Academic Computing & Network Services
Michigan State University
506 Computer Center
East Lansing, MI 48824-1042
Baseball is ninety percent mental; the other half is physical.
- Yogi Berra