Incremental propagation when KDCs are clients of a different realm
Toby Blake
toby at inf.ed.ac.uk
Mon Nov 2 11:50:58 EST 2015
> I'll play around a little more and report back.
Still the same. This is what I see on the master...
Nov 02 15:23:29 cardus.our.realm kadmind[25047](Notice): Cannot decrypt ticket for kiprop/cardus.our.realm at OUR.REALM using keytab key for kadmin/changepw at TEST.OUR.REALM
cardus.our.realm is the master - it's a client of OUR.REALM but is a master KDC
for TEST.OUR.REALM
The kiprop principals have to be in OUR.REALM, not TEST.OUR.REALM
Cheers
Toby
--
The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.
More information about the Kerberos
mailing list