[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

using kpasswd with ldap db (0.7.2)

To: heimdal-discuss@sics.se
Subject: using kpasswd with ldap db (0.7.2)
From: "Eric Ortego" <ericortego@gmail.com>
Date: Wed, 31 May 2006 09:27:35 -0500
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=gcOubegZanBi5XQ4xtiE/YDje0Cw6nEXUCydxZ7QTDT8QNJcmZrXEHQ2UE8mwoAb2lK8Vod1xFqzcVz0YdYyJzZnRGgpNm2QflhSuybU6HVM5XzyyXQHrn2hPXtXN3m6RtixbQisewqT6yFGOXfFaAgD7j8CDt1io+uSFOR8MVU=
In-Reply-To: <6f3edef40605310727g6bd23b6cs5ec0958dd248ab60@mail.gmail.com>
References: <6f3edef40605191020n260b881fj84b9576144ec2091@mail.gmail.com> <m264jvy8vj.fsf@nutcracker-2.local> <93AE60CF-3834-431E-909A-789CF2BBDD3E@jpl.nasa.gov> <6f3edef40605310727g6bd23b6cs5ec0958dd248ab60@mail.gmail.com>
Sender: owner-heimdal-discuss@sics.se

On 5/30/06, Henry B. Hotz <hotz@jpl.nasa.gov> wrote:
> Does disabling pre-auth have any affect?
how do I disable it?
I have the same problem with or without the following in my krb5.conf:

[libdefaults]
        require-preauth = no


>
> On May 24, 2006, at 4:12 AM, Love Hörnquist Åstrand wrote:
>
> > "Eric Ortego" <ericortego@gmail.com> writes:
> >
> >> My directory hold the kerberos db and was working great untill I
> >> upgraded to 0.7.2
> >> What stopped working was kpasswd. I can no longer change a users
> >> password with it.
> >> This is the error I get, which is output twice for each passwd
> >> change attempt:
> >>
> >> [kpasswdd] Changing password for eric@MYDOMAIN.COM
> >> [kpasswdd] kadm5_s_chpass_principal_cond: ldap_modify_s:
> >> eric@MYDOMAIN.COM (dn=uid=eric,ou=people,dc=mydomain,dc=com) Type or
> >> value exists: krb5EncryptionType: value #0 provided more than once
> >>
> >> The only way I am able to use kpasswd to update passwords is by first
> >> deleting the entry for krb5EncryptionType
> >>
> >> Is this a known bug or possibly some configuration option I have
> >> overlooked that fixes this?
> >
> > I think its a bug somewhere where the krb5EncryptionType is set, but I
> > can't figure out what it is. If you have time to debug the code its in
> > lib/hdb/hdb-ldap.c:LDAP_entry2mods() where the krb5EncryptionType
> > is set.
> >
> > if you can't find the error, you can just comment out the while "if
> > (ent->etypes) { " section in that file.
> >
> > Love
>
> ------------------------------------------------------------------------
> ----
> The opinions expressed in this message are mine,
> not those of Caltech, JPL, NASA, or the US Government.
> Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu
>
>
>

References:
- using kpasswd with ldap db (0.7.2)
  - From: "Eric Ortego" <ericortego@gmail.com>
- Re: using kpasswd with ldap db (0.7.2)
  - From: Love Hörnquist Åstrand <lha@kth.se>
- Re: using kpasswd with ldap db (0.7.2)
  - From: "Henry B. Hotz" <hotz@jpl.nasa.gov>

Prev by Date: Re: using kpasswd with ldap db (0.7.2)
Next by Date: No Subject
Prev by thread: Re: using kpasswd with ldap db (0.7.2)
Next by thread: Re: using kpasswd with ldap db (0.7.2)
Index(es):
- Date
- Thread