kfw & krb5 1.3.1
Jeffrey Altman
jaltman2 at nyc.rr.com
Mon Feb 9 01:32:34 EST 2004
What operating system are you running on?
If it is Windows 2003 or Windows 2000 Server or Windows XP SP2 then the
problem is that you need to set a registry value to enable the
exportation of TGTs from the Kerberos LSA with the session key intact.
Jeffrey Altman
King Lung Chiu wrote:
> On further testing, I get these errors when trying to renew the ms2mit tgt
> (using 'kinit -R' from both krb5-1.3.1 and kfw 2.5):
>
> kinit(v5): No credentials found with supported encryption types while
> renewing credentials
>
> and with 'leash32 -r' I get a popup window with errors:
>
> No credentials found with supported encryption types
> (Kerberos error 200)
>
> krb5_get_renewed_creds() failed
>
> So I'm guessing ms2mit encrypts its tgt with an algo. not supported by
> krb5-1.3.1? The weird thing is, even leash32 can't renew ms2mit's tgt.
>
> And on checking the file sizes, I get:
>
> krb5's kinit tgt size: 2286 bytes
> kfw's ms2mit tgt size: 1179 bytes
>
> So any ideas?
>
> thanks again, regards
>
> King Lung Chiu
More information about the Kerberos
mailing list