Win logon to a MIT Kerberos V KDC?
Clint Chaplin
cchaplin at sj.symbol.com
Wed Oct 2 17:58:45 EDT 2002
Read that log again carefully. It's saying that the >client< time is 1989, not the server time...
Clint (JOATMON) Chaplin
>>> "Tony Hoyle" <tmh at nodomain.org> 10/2/02 13:59:03 >>>
OK I think I've found a problem. I found out how to enable logging
on the Win2k sid and got:
The function LogonUser received a Kerberos Error Message:
on logon session NODOMAIN.ORG\tmh
Client Time: 13:30:11.0000 11/2/1989 Z
Server Time: 20:49:3.0000 10/2/2002 (null)
Error Code: 0x19 KDC_ERR_PREAUTH_REQUIRED
Client Realm: NODOMAIN.ORG
Client Name: tmh
Server Realm: NODOMAIN.ORG
Server Name: krbtgt/NODOMAIN.ORG
Target Name: krbtgt/NODOMAIN.ORG at NODOMAIN.ORG
Error Text: NEEDED_PREAUTH
File:
Line:
Error Data is in record data.
That's one hell of a time difference... The Win2k server thinks it's
1989!
Now I need to sync the Win2k kerberos client with the rest of Win2k -
obviously it's not automatic. The Win2k clock is correct & synced with
win32time. Any ideas on how to do this?
Tony
________________________________________________
Kerberos mailing list Kerberos at mit.edu
http://mailman.mit.edu/mailman/listinfo/kerberos
More information about the Kerberos
mailing list