Discussion of krb5_get_init_creds_password() behavior wasRe:problem with the kinit_prompter in kfw 2.5
hartmans at MIT.EDU
Sat Feb 21 03:29:19 EST 2004
>>>>> "Ken" == Ken Hornstein <kenh at cmf.nrl.navy.mil> writes:
Jeffrey> Now the discussion is on the topic of double queries
Jeffrey> being sent to the "master" kdc when the password does not
Jeffrey> match the one known by the first kdc tried.
>> Right. ANd I don't see that as problematic since you have to
>> go out of your way to enable the functionality.
Ken> But wait a minute.
Ken> According to what I see in 1.3.1, when use_master is set, it
Ken> uses the krb5.conf entry for "admin_server" (it takes a while
Ken> to find it, but that's certainly how I read
Ken> krb5_locate_srv_conf_1()). I think we _all_ have an
Ken> admin_server set; if we don't, then kadmin & kpasswd won't
Ah, yes my confusion was that I misunderstood the code.
More information about the krbdev