[37946] in Kerberos
Re: KDC 1.15 startup error: Invalid credentials - while initializing
daemon@ATHENA.MIT.EDU (Greg Hudson)
Thu Apr 13 11:39:45 2017
To: Jaap Winius <jwinius@umrk.nl>, "Pallissard, Matthew" <krb@pallissard.net>
From: Greg Hudson <ghudson@mit.edu>
Message-ID: <0cfa14c0-99a3-7915-cb3e-2ded8f3970c0@mit.edu>
Date: Thu, 13 Apr 2017 11:39:30 -0400
MIME-Version: 1.0
In-Reply-To: <20170413151345.61395fp0qvu0cqkp@bitis.umrk.nl>
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On 04/13/2017 09:13 AM, Jaap Winius wrote:
> Regrettably, no, I don't have the passwords. I copied the
> 'service.keyfile 'and 'stash' files from the old systems hoped it
> would work. Could it be that the required format or key type of one or
> both of these files has changed? If so, then unless I can decrypt that
> HEX value it will probably be necessary to create a new realm. If not,
> then it does make troubleshooting a bit more difficult.
To my knowledge the format of that file has not changed, so I don't know
why the 1.15 KDC isn't able to bind the LDAP server when the 1.10 KDCs can.
The HEX value is not encrypted. It's just encoded in hex. So "3c" is
the ASCII value 60 which is the character '<', and so forth.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
