kprop error

[Adam Williams]

I'm using the howto at 
http://www-theorie.physik.unizh.ch/~dpotter/howto/kerberos, but I'm 
getting the following error when trying to copy the database to the 
slave kerberos server:

[root at roark krb5kdc]# kprop -f /var/kerberos/krb5kdc/slave_datatrans 
archives3.mdah.state.ms.us
kprop: Decrypt integrity check failed while getting initial ticket

I've google searched on the error and other people have the problem, but 
I wasn't able to find a fix that worked for me.  Both the master (roark) 
and the slave (archives3) are Fedora 10 x86_64, kpropd is running on 
archives3 and I can telnet and connect to port 754 on archives3.  On 
archives3, /var/kerberos/krb5kdc/kpropd.acl has:

host/roark.mdah.state.ms.us at MDAH.STATE.MS.US
host/archives3.mdah.state.ms.us at MDAH.STATE.MS.US

and I copied /etc/krb5.conf, /var/kerberos/krb5kdc/kdc.conf, 
/var/kerberos/krb5kdc/kadm5.acl, and /etc/gssapi_mech.conf from roark to 
archives3. 

My /etc/krb5.conf is:

[libdefaults]
 default_realm = MDAH.STATE.MS.US
 dns_lookup_realm = false
 dns_lookup_kdc = false
 clockskew = 120

[realms]
 MDAH.STATE.MS.US = {
  kdc = roark.mdah.state.ms.us:88
  kdc = archives3.mdah.state.ms.us:88
  admin_server = roark.mdah.state.ms.us:749
  default_domain = mdah.state.ms.us
 }

[domain_realm]
 .mdah.state.ms.us = MDAH.STATE.MS.US
 mdah.state.ms.us = MDAH.STATE.MS.US

[appdefaults]
 pam = {
   debug = false
   ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
   krb4_convert = false
 }
 kinit = {
   ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
 }

any ideas on why I'm getting that error and how to fix it?