Option for multiple PA-ETYPE-INFO(2)-ENTRY (old behaviour)
ghudson at mit.edu
Fri Nov 18 18:06:29 EST 2016
I thought of another possible workaround that doesn't involve code
changes to 1.14, which is to do (in kadmin):
setstr krbtgt/REALM session_enctypes "aes256-cts aes128-cts"
I have opened http://krbdev.mit.edu/rt/Ticket/Display.html?id=8167 for
this issue, and we may introduce a KDC workaround in the future, along
the lines of the patch I suggested in the last message.
More information about the Kerberos