Possible problem with MIT krb5 1.2.4 and MS keytabs
Sam Hartman
hartmans at MIT.EDU
Thu Apr 11 14:48:04 EDT 2002
>>>>> "David" == David Bailey <D.Bailey at Bristol.ac.uk> writes:
David> Hi, I'm not sure if this is a krb5 problem or a feature in
David> the krb5 for AFS kit but I thought I'd ask here for
David> starters.
David> I've managed to get krb524d running on win2k using just the
David> keytab option. The keytab has been generated from an
David> active directory account using Microsoft'd ktpass
David> utility. It seems that krb524d only returns a kvno of 0
David> from the keytab file (which caused me a lot of head
David> scratching), even though the key in the keytab has a
David> non-zero kvno. Could this be related to the recent changes
David> to handle 32 bit key numbers? What kvno is the key using?
David> ANd how did you determine that krb524d is using a kvno of
David> zero? I would not at all be surprised to find the *KDC*
David> was using a kvno of zero on issued tickets, but that's
David> somewhat different.
More information about the Kerberos
mailing list