Discussion of krb5_get_init_creds_password() behavior wasRe:problem with the kinit_prompter in kfw 2.5

Jeffrey Altman jaltman at columbia.edu
Thu Feb 19 20:41:49 EST 2004

Sam Hartman wrote:

>    John> And that was the problem Beata Pruski mentioned.  If no
>    John> master kdcs are defined, and a user has an expired password,
>    John> then
>    John>    the 1st call returns KRB5_EXPIRED_PASSWORD (or whatever
>    John> it is), then
>    John>    the 2nd call fails with that oddly named REALM error, and
>    John> *that* gets returned
>And Alexis mentioned this has already been fixed.
I believe we had moved beyond that discussion.  We
agree the prompter issue has been fixed.  That is why
I changed the subject line. 

Now the discussion is on the topic of double queries
being sent to the "master" kdc when the password does
not match the one known by the first kdc tried.

More information about the krbdev mailing list