[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: failed to find HTTP/bsdfloh.domain.tld@DOMAIN.TLD(kvno 9) in keytab /usr/local/etc/apache2/bsdflohkeytab

To: heimdal-discuss@sics.se, Florian Erfurth <floh-erfurth@arcor.de>
Subject: Re: failed to find HTTP/bsdfloh.domain.tld@DOMAIN.TLD(kvno 9) in keytab /usr/local/etc/apache2/bsdflohkeytab
From: Love Hörnquist Åstrand <lha@kth.se>
Date: Tue, 12 Jun 2007 15:00:21 -0700
In-Reply-To: <f4k037$75n$2@sea.gmane.org>
List-Archive: <http://list.sics.se/sympa/arc/heimdal-discuss>
List-Help: <mailto:sympa@sics.se?subject=help>
List-Id: <heimdal-discuss.sics.se>
List-Owner: <mailto:heimdal-discuss-request@sics.se>
List-Post: <mailto:heimdal-discuss@sics.se>
List-Subscribe: <mailto:sympa@sics.se?subject=subscribe%20heimdal-discuss>
List-Unsubscribe: <mailto:sympa@sics.se?subject=unsubscribe%20heimdal-discuss>
References: <f4jirs$jj4$1@sea.gmane.org> <20070611114019.d21809b9.mba2000@ioplex.com> <f4k037$75n$2@sea.gmane.org>
Reply-To: heimdal-discuss@sics.se, Love Hörnquist Åstrand <lha@kth.se>

11 jun 2007 kl. 10.14 skrev Florian Erfurth:

> Michael B Allen wrote:
>
>> On Mon, 11 Jun 2007 15:29:06 +0200
>> Florian Erfurth <floh-erfurth@arcor.de> wrote:
>>
>>> Miscellaneous failure (see text) (failed to
>>> find HTTP/bsdfloh.domain.tld@DOMAIN.TLD(kvno 9) in
>>> keytab /usr/local/etc/apache2/bsdflohkeytab)
>> <snip>
>>> Vno  Type         Principal
>>>  10  des-cbc-md5  HTTP/bsdfloh.domain.tld@DOMAIN.TLD
>>> What's wrong? Maybe because kvno differs, huh?
>>
>> Yes. Reset the password and regenerate the keytab to make sure the  
>> keytab
>> is in sync with the KDC.
> If keytab isn't in sync with the KDC, then the following command  
> wouldn't
> work (I think).

The problem is that your client have a non updated krb5 cred cache  
with a ticket the old kvno in it.
When you update the keytab, keep the older kvnos around for your  
maxium ticket lifetime.

So, go to the client and have then run kinit again.

Love

>

Follow-Ups:
- Re: failed to find HTTP/bsdfloh.domain.tld@DOMAIN.TLD(kvno 9) in keytab /usr/local/etc/apache2/bsdflohkeytab
  - From: Florian Erfurth <floh-erfurth@arcor.de>

References:
- failed to find HTTP/bsdfloh.domain.tld@DOMAIN.TLD(kvno 9) in keytab /usr/local/etc/apache2/bsdflohkeytab
  - From: Florian Erfurth <floh-erfurth@arcor.de>
- Re: failed to find HTTP/bsdfloh.domain.tld@DOMAIN.TLD(kvno 9) inkeytab /usr/local/etc/apache2/bsdflohkeytab
  - From: Michael B Allen <mba2000@ioplex.com>
- Re: failed to find HTTP/bsdfloh.domain.tld@DOMAIN.TLD(kvno 9) in keytab /usr/local/etc/apache2/bsdflohkeytab
  - From: Florian Erfurth <floh-erfurth@arcor.de>

Prev by Date: Re: gss_display_name escaping space?
Next by Date: Re: gss_display_name escaping space?
Prev by thread: Re: failed to find HTTP/bsdfloh.domain.tld@DOMAIN.TLD(kvno 9) in keytab /usr/local/etc/apache2/bsdflohkeytab
Next by thread: Re: failed to find HTTP/bsdfloh.domain.tld@DOMAIN.TLD(kvno 9) in keytab /usr/local/etc/apache2/bsdflohkeytab
Index(es):
- Date
- Thread