HELP!!! I am also having the kpropd problem
Andrea
acirulli at gmail.com
Tue Mar 11 15:19:34 EDT 2008
On 11 Mar, 20:17, Andrea <aciru... at gmail.com> wrote:
> On 11 Mar, 08:46, ger... at compvia.com wrote:
>
>
>
> > Hi,
>
> > Okay... I think I've found the issue. Apparently there is a problem when
> > running kpropd from inetd. A little googling turned up others that have
> > had thie same issue. This is probably a side effect of the fork/exec by
> > inetd. Does anyone know if there is already a bug open for this?
>
> > Thanks,
> > -G
>
> > Jason Edgecombe <ja... at rampaginggeek.com>
> > 03/10/2008 08:46 PM
>
> > To
> > ger... at compvia.com
> > cc
> > kerbe... at mit.edu
> > Subject
> > Re: HELP!!! I am also having the kpropd problem
>
> > ger... at compvia.com wrote:
> > > Hi,
>
> > > I tried copying the krb5kdc directory to the slave. I get the same
> > result
> > > (Decrypt integrity check failed while getting initial ticket). Is there
> > > something else I could try?
>
> > > Thanks,
> > > -G
>
> > "Decrypt integrity check failed" usually means that the password is wrong.
>
> > Jason
>
> The problem sounds that there is some problem with the key stash file
> that allows authenticating on the db for the propagation.
>
> Be sure that the kdc.conf, and then be sure that the kdc is correctly
> reading the proper kdc.conf.
>
> I had a lot of problem with kprop and kpropd, but finally I get them
> working on linux and solaris.
>
> If you create a new db on the slave be sure that the admin key in the
> creation of the db is the same of the master one.
>
> Let me know.
>
> Bye.
Well with "Be sure that the kdc.con" i mean check wether the kdc.conf
is correct or not, that is if the pointer to the db, stash, acl are
correct.
Then, be sure that the kpropd.acl is configured, that is the server is
allowed to the propagation of the db.
Bye.
More information about the Kerberos
mailing list