I am able to login with existing password.

kannan rbk kannanrbk.r at gmail.com
Mon Jun 3 06:27:53 EDT 2013 

Hi Mark,

[image: Inline image 2]


KDC Host - kdc-zmedia-server

This is my design layout.  I integrated my client machines login with
 pam.d and krb5.  Now  , I am able to login with kerberos credentials from
my client machines.  But, If I change my password using "kpasswd" from
client machine , it says "Message stream modified changing password".


$zmedia-bharathi# kpasswd
Password for bharathi at ULTRASOUND.ZMEDIA.COM
Enter new password:
Enter it again:
kpasswd: Message stream modified changing password

*kdc.log *

Jun 03 15:11:33 zmedia-bharathi krb5kdc[10489](info): AS_REQ (4 etypes {18
17 16 23}) 192.168.15.201: NEEDED_PREAUTH:
bharathi at ULTRASOUND.ZMEDIA.COMfor kadmin/
changepw at ULTRASOUND.ZMEDIA.COM, Additional pre-authentication required

Jun 03 15:11:33 zmedia-bharathi krb5kdc[10489](info): AS_REQ (4 etypes {18
17 16 23}) 192.168.15.201: NEEDED_PREAUTH:
bharathi at ULTRASOUND.ZMEDIA.COMfor kadmin/
changepw at ULTRASOUND.ZMEDIA.COM, Additional pre-authentication required

Jun 03 15:11:36 zmedia-bharathi krb5kdc[10489](info): AS_REQ (4 etypes {18
17 16 23}) 192.168.15.201: ISSUE: authtime 1370252496, etypes {rep=18
tkt=18 ses=18}, bharathi at ULTRASOUND.ZMEDIA.COM for kadmin/
changepw at ULTRASOUND.ZMEDIA.COM

*krb5.conf*
*
*
https://docs.zoho.com/writer/published.do?rid=cm31c4c4612d8314e49839a087e8a4afc2059
*



*
When I am changing my  password  from my client machines using "kpasswd" ,
I am receiving request to kdc server from my client machine and the kpasswd
command was successful too. But  the password was not changed. I tested
with "kinit" , It is working with old password.

Regards ,

Bharathikannan R





On Fri, May 31, 2013 at 11:13 PM, Mark Pröhl <mark at mproehl.net> wrote:

> Hi,
>
>
>
> On 30.05.2013 09:58, kannan rbk wrote:
>
>> I changed password using kpasswd but the existing ticket cache is not
>> cleared.
>>
>
> why do you expect the ticket cache to be cleared when you change the
> password?
>
>
>  After changed the password I able to login with existing password
>> till the existing ticket expiry time.
>>
>
> Can you describe the login process a little bit more (e.g. do you have to
> enter the password during login)?
>
> Regards,
>
> Mark
>
> --
> Mark Pröhl
> mark at mproehl.net
> www.kerberos-buch.de
>
>


-- 
Regards,

Bharathikannan R

More information about the Kerberos mailing list