[38634] in Kerberos
Password has expired while getting initial ticket during replication
daemon@ATHENA.MIT.EDU (Stephen Carville (Kerberos List))
Mon Dec 2 12:04:56 2019
To: <kerberos@mit.edu>
From: "Stephen Carville (Kerberos List)" <b44261a2@opayq.com>
Message-ID: <fc34866b-dde4-c670-19e6-ef1473e7d19a@opayq.com>
Date: Mon, 2 Dec 2019 09:02:52 -0800
MIME-Version: 1.0
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Kind of at wits end here...
Recently replication to the slave servers broke. I last update was on
Sep 10 07:01 but did not discover it until starting to migrate from
CentOS 6 to CentOS 7.
The following script runs hourly
----
SLAVES="
scakerb02.lereta.com
"
# export the Kerberos database
/usr/sbin/kdb5_util dump /var/kerberos/krb5kdc/slave_datatrans
# propogate to all the slave servers
for SLAVE in $SLAVES; do
/usr/sbin/kprop -f /var/kerberos/krb5kdc/slave_datatrans $SLAVE
done
----
The error is:
/usr/sbin/kprop: Password has expired while getting initial ticket
I restarted krb5kdc on both servers and kpropd on the slave server. I
recreated the keytab file on both servers. Error is still the same
I can get a ticket using either server but I just cannot get replication
working again.
system is CentOS 6
Kerberos version is 1.10.3
--
Stephen
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
