Decrypt integrity check failed

vishal vicky.recw at gmail.com
Mon Nov 13 17:00:51 EST 2017

Previous message: Linux ksu (kerberized super user) command fails to use cached service (host) tickets... how can I do this?
Next message: temporarily granting a TGT for a client coming in with a 3rd party authn system
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

In AS_REP I see that domain controller is sending the enc type as etype:
eTYPE-AES256-CTS-HMAC-SHA1-96 (18)

however in TGS_REP it is sending as etype: eTYPE-ARCFOUR-HMAC-MD5 (23),

This is causing the " Decrypt integrity check failed" error. Any reason why
domain controller will behave like it?

--Vishal

Previous message: Linux ksu (kerberized super user) command fails to use cached service (host) tickets... how can I do this?
Next message: temporarily granting a TGT for a client coming in with a 3rd party authn system
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Kerberos mailing list