Active Directory as KDC, MIT Kerberos (Debian) as client
Timo Veith
tv at rz-zw.fh-kl.de
Thu Jul 17 08:21:55 EDT 2003
Hi all,
I am trying to change my password on the KDC which is running on a Active
Directory Controller (Windows Server 2003). I can get a TGT successfully
but when I run kpasswd I give it my current password and then get the
following error message:
tv at gareth [~] kpasswd
Password for timo at DS.FH-KL.DE:
kpasswd: Requested effective lifetime is negative or too short getting
initial ticket
The docs of MIT don't say much about this error, only that it is a valid
error code :(
Here is the output from klist, the time on the client and on the server:
tv at gareth [~] klist -f
Ticket cache: FILE:/tmp/krb5cc_1000
Default principal: timo at DS.FH-KL.DE
Valid starting Expires Service principal
07/17/03 14:03:16 07/17/03 23:59:03 krbtgt/DS.FH-KL.DE at DS.FH-KL.DE
Flags: FPIA
tv at gareth [~] date
Thu Jul 17 14:17:05 CEST 2003
On the Server 14:16:02
What am I doing wrong?
TIA
Timo
More information about the Kerberos
mailing list