I am able to login with existing password.

Mark Pröhl mark at mproehl.net
Sun Jun 9 09:44:39 EDT 2013


Hi,

I'm not shure what is going wrong. The only problem that I can see from 
your mail is the error message "Message stream modified ..." during 
password change. When the password change fails it is obvious that the 
old password is still valid and you need to enter the old password at login.

If that failing password change is the main problem you should send your 
krb5.conf (from client and kdc) and kdc.conf and the version of MIT 
kerberos you are using (client version and kdc version). Perhaps someone 
on this list can help you ...

BTW.: the krb5.conf file 
https://docs.zoho.com/writer/published.do?rid=cm31c4c4612d8314e49839a087e8a4afc2059 
does not help reproducing your problem because it is syntacticly incorrect.

Regards,

Mark


>
> I am waiting for your response. Please clarify , what am i doing wrong?.
>
> Thank You,
>
> Bharathikannan R
>
>
> On Tue, Jun 4, 2013 at 10:13 AM, kannan rbk <kannanrbk.r at gmail.com
> <mailto:kannanrbk.r at gmail.com>> wrote:
>
>     HI Mark,
>
>     Do you need any other information?
>
>     Thank You ,
>
>     Bharathikannan R
>
>
>     On Mon, Jun 3, 2013 at 3:57 PM, kannan rbk <kannanrbk.r at gmail.com
>     <mailto:kannanrbk.r at gmail.com>> wrote:
>
>         Hi Mark,
>
>         Inline image 2
>
>
>         KDC Host - kdc-zmedia-server
>
>         This is my design layout.  I integrated my client machines login
>         with  pam.d and krb5.  Now  , I am able to login with kerberos
>         credentials from my client machines.  But, If I change my
>         password using "kpasswd" from client machine , it says "Message
>         stream modified changing password".
>
>
>         $zmedia-bharathi# kpasswd
>         Password for bharathi at ULTRASOUND.ZMEDIA.COM
>         <mailto:bharathi at ULTRASOUND.ZMEDIA.COM>
>         Enter new password:
>         Enter it again:
>         kpasswd: Message stream modified changing password
>
>         *kdc.log *
>
>         Jun 03 15:11:33 zmedia-bharathi krb5kdc[10489](info): AS_REQ (4
>         etypes {18 17 16 23}) 192.168.15.201 <http://192.168.15.201>:
>         NEEDED_PREAUTH: bharathi at ULTRASOUND.ZMEDIA.COM
>         <mailto:bharathi at ULTRASOUND.ZMEDIA.COM> for
>         kadmin/changepw at ULTRASOUND.ZMEDIA.COM
>         <mailto:changepw at ULTRASOUND.ZMEDIA.COM>, Additional
>         pre-authentication required
>
>         Jun 03 15:11:33 zmedia-bharathi krb5kdc[10489](info): AS_REQ (4
>         etypes {18 17 16 23}) 192.168.15.201 <http://192.168.15.201>:
>         NEEDED_PREAUTH: bharathi at ULTRASOUND.ZMEDIA.COM
>         <mailto:bharathi at ULTRASOUND.ZMEDIA.COM> for
>         kadmin/changepw at ULTRASOUND.ZMEDIA.COM
>         <mailto:changepw at ULTRASOUND.ZMEDIA.COM>, Additional
>         pre-authentication required
>
>         Jun 03 15:11:36 zmedia-bharathi krb5kdc[10489](info): AS_REQ (4
>         etypes {18 17 16 23}) 192.168.15.201 <http://192.168.15.201>:
>         ISSUE: authtime 1370252496, etypes {rep=18 tkt=18 ses=18},
>         bharathi at ULTRASOUND.ZMEDIA.COM
>         <mailto:bharathi at ULTRASOUND.ZMEDIA.COM> for
>         kadmin/changepw at ULTRASOUND.ZMEDIA.COM
>         <mailto:changepw at ULTRASOUND.ZMEDIA.COM>
>
>
>         *krb5.conf*
>         *
>         *
>         https://docs.zoho.com/writer/published.do?rid=cm31c4c4612d8314e49839a087e8a4afc2059
>         *
>
>
>
>         *
>         When I am changing my  password  from my client machines using
>         "kpasswd" , I am receiving request to kdc server from my client
>         machine and the kpasswd command was successful too. But  the
>         password was not changed. I tested with "kinit" , It is working
>         with old password.
>
>         Regards ,
>
>         Bharathikannan R
>
>
>
>
>
>         On Fri, May 31, 2013 at 11:13 PM, Mark Pröhl <mark at mproehl.net
>         <mailto:mark at mproehl.net>> wrote:
>
>             Hi,
>
>
>
>             On 30.05.2013 09:58, kannan rbk wrote:
>
>                 I changed password using kpasswd but the existing ticket
>                 cache is not
>                 cleared.
>
>
>             why do you expect the ticket cache to be cleared when you
>             change the password?
>
>
>                 After changed the password I able to login with existing
>                 password
>                 till the existing ticket expiry time.
>
>
>             Can you describe the login process a little bit more (e.g.
>             do you have to enter the password during login)?
>
>             Regards,
>
>             Mark
>
>             --
>             Mark Pröhl
>             mark at mproehl.net <mailto:mark at mproehl.net>
>             www.kerberos-buch.de <http://www.kerberos-buch.de>
>
>
>
>
>         --
>         Regards,
>
>         Bharathikannan R
>
>
>
>
>     --
>     Regards,
>
>     Bharathikannan R
>
>
>
>
> --
> Regards,
>
> Bharathikannan R



More information about the Kerberos mailing list