[OpenAFS] klog with sites using fakeka against MIT1.6.2 broken?

Stephen Joyce stephen@physics.unc.edu
Sun, 2 Sep 2007 20:46:02 -0400 (EDT)

FWIW, I've been running 1.6.1 (not 1.6.2 though) on production KDCs since 
June 28. Everything seems to be working fine. I can get tokens via 
kinit/aklog and plain klog (using fakeka).

The KDCs currently run Solaris, but that's going to change "real soon now" 
once I've have had a chance to fully test our new Debian KDCs.

Cheers, Stephen
Stephen Joyce
Systems Administrator                                            P A N I C
Physics & Astronomy Department                         Physics & Astronomy
University of North Carolina at Chapel Hill         Network Infrastructure
voice: (919) 962-7214                                        and Computing
fax: (919) 962-0480                               http://www.panic.unc.edu

  Some people make the world turn and others just watch it spin.
    -- Jimmy Buffet

On Sat, 1 Sep 2007, Jeffrey Altman wrote:

> Mike Dopheide wrote:
>> We've also found that reverting back to MIT Kerberos 1.4.3 wasn't good
>> enough.  Some principals would start working with klog again after
>> another password change, but others needed to be deleted and recreated.
>> Is anyone else using MIT Kerberos 1.6.2 and klog?
>> -Mike
> My guess is that there aren't a lot of sites that have made the
> migration to MIT Kerberos 1.6 on their production KDCs.  There is not
> a compelling reason for making that transition unless you are
> migrating the back-end database to use LDAP.
> To find out what is really going on, fakeka will have to be debugged
> to determine when the KABADREQUEST error is being generated.
> Jeffrey Altman
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
> --