[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Decoding transited encoding: KDC policy rejects request
Benjamin P Myers wrote:
> Hi,
>
> I'm running SuSE 9.0, using SuSE's heimdal rpm, and am having some
> trouble. I've just converted my mit kdc over to heimdal, had to compile
> a hprop with the patch from here:
> http://www.stacken.kth.se/lists/heimdal-discuss/2003-10/msg00073.html
[...]
> Here's (I think) the relevant part of the log:
> AS-REQ dative@SUKRAHELITEK.COM from IPv4:10.0.2.1 for
> krbtgt/SUKRAHELITEK.COM@SUKRAHELITEK.COM
> TGS-REQ dative@SUKRAHELITEK.COM from IPv4:10.0.2.1 for
> afs@SUKRAHELITEK.COM Decoding transited encoding: KDC policy rejects
> request
[...]
> I've exhausted most everything I can think to do (twice, in many
> cases), except to ask for advice. Any suggestions?
I had a similar problem. It was SuSE's fault here. Try installing the
original heimdal packages without SuSE's security updates (or recompile
and install the new src-rpm). SuSE just updated the heimdal but *not* the
heimdal-libs package! That's why they don't really match any more.
There's a running discussion about the bad quality of SuSE updates during
the last time on the SuSE security mailing list. Feel free to complain
about it if this is the real reason for your problems...
Greetings
Andreas
--
| Andreas Haupt | E-Mail: andreas.haupt@hmi.de
| Hahn-Meitner-Institut (DN) | WWW:
| Glienicker Straße 100 | Phone: +49/30/8062-2597
| 14109 Berlin | Fax: +49/30/8062-2096