[15897] in Kerberos_V5_Development
Re: KRB5_KT_KVNONOTFOUND (-1765328154L) error
daemon@ATHENA.MIT.EDU (vir vir)
Thu Jun 17 18:21:01 2010
Message-ID: <891795.34404.qm@web50108.mail.re2.yahoo.com>
Date: Thu, 17 Jun 2010 15:20:52 -0700 (PDT)
From: vir vir <vitrou2004@yahoo.com>
To: Ken Raeburn <raeburn@mit.edu>
In-Reply-To: <B5C9AF76-608C-4B96-A479-B2D98A17D0F6@mit.edu>
MIME-Version: 1.0
Cc: krbdev@mit.edu
Content-Type: text/plain; charset="iso-8859-1"
Errors-To: krbdev-bounces@mit.edu
Content-Transfer-Encoding: 8bit
Hi,
I used ktadd
did klist -k I see kvno one number for <principal_name> and when I did kvno <principal_name> I saw a different number for the same <principal_name>.
What could be the problem?
How I can fix it?
Thanks,
Alex
--- On Mon, 5/31/10, Ken Raeburn <raeburn@MIT.EDU> wrote:
From: Ken Raeburn <raeburn@MIT.EDU>
Subject: Re: KRB5_KT_KVNONOTFOUND (-1765328154L) error
To: "vir vir" <vitrou2004@yahoo.com>
Cc: krbdev@mit.edu
Received: Monday, May 31, 2010, 11:22 AM
On May 31, 2010, at 14:01, vir vir wrote:
> Hi,
>
> I am creating a keytab file and adding a new entry using ktutil addent
>
> on linux service machine everything works fine on HP machine after I am adding it and running gss_accept_sec_context() I got KRB5_KT_KVNONOTFOUND. What could be the problem and how I can trace it?
A couple things you could look at are "klist -k" on the server to show the keytab contents, and "kvno" on the client to show the credentials. Based on that message, my guess would be that you're adding the new entry with the wrong key version number; if kvno indicates the key version number stored on the KDC is different from that in the keytab file, you should fix the keytab file. Using kadmin's "ktadd" is probably a safer way of getting it right, anyways.
Ken
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev