Kerberos troubles
Christopher D. Clausen
cclausen at acm.org
Tue Sep 21 15:28:00 EDT 2010
Jean-Yves Avenard <jyavenard at gmail.com> wrote:
> I have now identified the cause of the issue.
> When using mod_auth_kerb with MIT krb5 v1.6.x it works perfectly
> with krb5 1.7 and 1.7.1 same.
> However, I get this "GSS-API major_status:000d0000,
> minor_status:000186a3" error whenever I use MIT 1.8.x kerberos
> libraries (tested with 1.8.1 and 1.8.3)
I'm guessing you need to enable single DES encryption types on the KDCs, the
web server and the clients.
You should look into the allow_weak_crypto = true in the [libdefaults]
section of krb5.conf
<<CDC
More information about the Kerberos
mailing list