[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Preauthentication failed



I agree with Michaels suggestion on this.

Markus

----- Original Message ----- 
From: "Florian Erfurth" <floh-erfurth@arcor.de>
To: <heimdal-discuss@sics.se>
Sent: Thursday, May 24, 2007 3:05 PM
Subject: Re: Preauthentication failed


> Michael B Allen wrote:
>
>> Hi Markus,
>>
>> On Tue, 22 May 2007 22:36:02 +0100
>> "Markus Moeller" <huaraz@moeller.plus.com> wrote:
>>
>>> From my experience Computer accounts are fine and we prefer them as user
>>> accounts have (in our environment) a password expiry which otherwise
>>> would mean exception for users with a service principal or the keytab
>>> will get invalid.
>>
>> Ahh, interesting. I didn't think Computer accounts differed in this
>> respect. In fact it was my guess that Computer account password policy
>> was maybe hardcoded to expire reasoning that computers routinely change
>> their account password. But perhaps a Computer account for services would
>> be better.
> [snip]
> So should I try with user-account then or not?
>
> cu Floh
>
>