AS_REQ Return code 60 for principal expired?
Mike Friedman
mikef at berkeley.edu
Thu Dec 11 15:54:23 EST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I've been doing some testing of my programs that use the MIT API against a
KDC running 1.6.1 on a Linux system. On all prior systems where I've run
a KDC, and according to the Kerberos docs, a principal expired condition
should set a return code of 1. But on this test system, it seems I'm
getting back a 60, which the docs define as a 'generic error'.
Now, I realize I may very well have done something wrong in switching my
environment (which I do by pointing to a different krb5.conf file and a
different service keytab). When I point my same programs back to the 1.4.2
production system, I do get the return code=1 that I expect.
When I unexpire the principal, authentication works correctly on the test
system, just as it should.
Does anyone know of any reason I should get back a return code of 60,
instead of 1, for an expired principal on 1.6.1?
Thanks.
Mike
_________________________________________________________________________
Mike Friedman Information Services & Technology
mikef at berkeley.edu 2484 Shattuck Avenue
1-510-642-1410 University of California at Berkeley
http://mikef.berkeley.edu http://ist.berkeley.edu
_________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (FreeBSD)
iEYEARECAAYFAklBff8ACgkQFgKSfLOvZ1Rf+QCdF5oVpwJHhajfbUZ773tOQGPq
DgAAn14YGwUbd8a/9F/5A+SD3tWV8FEw
=Rg4l
-----END PGP SIGNATURE-----
More information about the Kerberos
mailing list