[37942] in Kerberos
Re: KDC 1.15 startup error: Invalid credentials - while
daemon@ATHENA.MIT.EDU (Jaap Winius)
Thu Apr 13 09:14:03 2017
Message-ID: <20170413151345.61395fp0qvu0cqkp@bitis.umrk.nl>
Date: Thu, 13 Apr 2017 15:13:45 +0200
From: Jaap Winius <jwinius@umrk.nl>
To: "Pallissard, Matthew" <krb@pallissard.net>
In-Reply-To: <1492085620.1939.9.camel@pallissard.net>
MIME-Version: 1.0
Content-Disposition: inline
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Quoting "Pallissard, Matthew" <krb@pallissard.net>:
> Do your cn=config databases match?
Almost. The main difference is that the databases on the old systems
are in an hdb format and the new one uses mdb, so there are a few
olcDbConfig lines on the old systems that are not present in the new
system.
> Do you know what that hashed password actually is? Can you manually
> bind with that username/pw and ldapsearch?
Regrettably, no, I don't have the passwords. I copied the
'service.keyfile 'and 'stash' files from the old systems hoped it
would work. Could it be that the required format or key type of one or
both of these files has changed? If so, then unless I can decrypt that
HEX value it will probably be necessary to create a new realm. If not,
then it does make troubleshooting a bit more difficult.
Thanks,
Jaap
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
