more ldap concerns
Will Fiveash
William.Fiveash at sun.com
Fri Jun 9 14:30:03 EDT 2006
On Fri, Jun 09, 2006 at 04:55:11AM -0600, Savitha R wrote:
>
> kadmin/cli/kadmin.local -q "getprinc krbtgt/TEST2"
> Authenticating as principal rsavitha/admin at TEST2 with password.
> Principal: krbtgt/TEST2 at TEST2
> Expiration date: [never]
> Last password change: Fri Jun 09 15:44:24 IST 2006
> Password expiration date: [none]
> Maximum ticket life: 1 day 00:00:00
> Maximum renewable life: 0 days 00:00:00
> Last modified: Fri Jun 09 15:44:24 IST 2006
> (cn=Manager,dc=testopenldap,dc=com at TEST2)
> Last successful authentication: [never]
> Last failed authentication: [never]
> Failed password attempts: 0
> Number of keys: 2
> Key: vno 2, Triple DES cbc mode with HMAC/sha1, no salt
> Key: vno 2, DES cbc mode with CRC-32, no salt
> Attributes:
> Policy: [none]
>
> Sequence of commands tried: create realm, getprinc, cpw with randkey
> option and getprinc.
>
> Is there any step that I have missed?
Not that I can tell. So on your setup, the old keys are removed using
the ldap plugin while on mine the old keys are not being removed. I'll
do some more debugging and let you and the krbdev list know what I find.
Thanks for checking on this.
--
Will Fiveash
Sun Microsystems Inc.
Austin, TX, USA (TZ=CST6CDT)
More information about the krbdev
mailing list