[OpenAFS] Kerberos5 and afs
Steve Devine
sdevine@msu.edu
Thu, 15 Nov 2007 16:45:41 -0500
Forgive the slightly off topic post but I think it applies here as well
on the kerberos list
Several years ago we moved to MIT kerberos 5. At the time I set the
master key in the kdc.conf to:
master_key_type = des-cbc-crc
I did this to allow transfer of principals from our old kaserver to the
new kdc.
Now we are trying to get Windows 2003 AD to auth against our Kerberos
server and it seems that it will not work with our kdc as it is configured.
My question is am I screwed here or just missing something easy? I have
tried multiple allowed enctypes and still no luck.
If I build a kdc without specifying a master key it seems to work.
Have any others done this same thing?
Thanks
/sd
--
Steve Devine
Network Storage & Printing
Academic Computing & Network Services
Michigan State University
506 Computer Center
East Lansing, MI 48824-1042
1-517-432-7327
Baseball is ninety percent mental; the other half is physical.
- Yogi Berra