[OpenAFS] klog with sites using fakeka against MIT1.6.2 broken?

Jeffrey Altman jaltman@secure-endpoints.com
Sat, 01 Sep 2007 12:18:49 -0400

Mike Dopheide wrote:
> We've also found that reverting back to MIT Kerberos 1.4.3 wasn't good
> enough.  Some principals would start working with klog again after
> another password change, but others needed to be deleted and recreated.
> Is anyone else using MIT Kerberos 1.6.2 and klog?
> -Mike

My guess is that there aren't a lot of sites that have made the
migration to MIT Kerberos 1.6 on their production KDCs.  There is not
a compelling reason for making that transition unless you are
migrating the back-end database to use LDAP.

To find out what is really going on, fakeka will have to be debugged
to determine when the KABADREQUEST error is being generated.

Jeffrey Altman