[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: KRB5_AP_ERR_MODIFIED from win 2003 in version heimdal-0.8-rc1

On Wed, 20 Dec 2006 15:42:26 -0800
"Inna Bort-Shatsky" <inna@decru.com> wrote:

> We have application that worked perfect with heimdal-0.5.1 version. Last
> week I updated heimdal to heimdal-0.8-rc1 and now I receive an
> The steps we did before and worked OK before:
> 1. Get credential with gss_acquire_cred api.
> 2. Get delegated credential with gss_accept_sec_context.    
> 3. Call gss_init_sec_context with received delegated credential and now
> I get an error KRB5_AP_ERR_MODIFIED from windows 2003 KDC.
> May be some one knows how I can troubleshoot this problem?

It would be informative to know how 0.7.2 behaves. The later 0.8 releases
have a significantly reworked GSSAPI. I know Love said there was still
some work required wrt error reporting. It could be a bogus message
(take a capture and see if there's something obvious). Or it could be
something to do with flags. Probably something simple. I know 0.7.2
works fine in the gss delegation scenario.


Michael B Allen
PHP Active Directory SSO