[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Client expired


I have a problem with my account in our domain. We are using Heimdal 0.7.2 
(Debian etch packages) with the LDAP backend.

If I try to get a ticket I got the following output:

root@anton:~# kinit stefan
stefan@KNUT.UNIVENTION.DE's Password:
kinit: krb5_get_init_creds: Client (stefan@KNUT.UNIVENTION.DE) expired

The kadmin -l shows me:
root@anton:~# kadmin -l get stefan
            Principal: stefan@KNUT.UNIVENTION.DE
    Principal expires: never
     Password expires: 2008-01-24 07:32:02 UTC
 Last password change: never
      Max ticket life: unlimited
   Max renewable life: unlimited
                 Kvno: 3
                Mkvno: 0
Last successful login: never
    Last failed login: never
   Failed login count: 0
        Last modified: 2007-12-05 07:32:03 UTC
             Modifier: stefan@KNUT.UNIVENTION.DE
             Keytypes: aes256-cts-hmac-sha1-96(pw-salt), 
aes128-cts-hmac-sha1-96(pw-salt), des3-cbc-sha1(pw-salt), des3-cbc-md5
(pw-salt), arcfour-hmac-md5(pw-salt), des-cbc-md5(pw-salt), des-cbc-md4
(pw-salt), des-cbc-crc(pw-salt), arcfour-hmac-md5(pw-salt)

And a dump:
root@anton:~# kadmin -l dump | grep ^stefan@KNUT.UNIVENTION.DE
20040602101607:UNKNOWN 20071205073203:stefan@KNUT.UNIVENTION.DE - 
19700101000000 20080124073202 - - 126 -

Were does the 19700101000000 come from? And could I delete the entry, so that 
I got a valid account?

Stefan Gohmann         Entwicklung              gohmann@univention.de
Univention GmbH        Linux for your Business  fon: +49 421 22 232- 0
Mary-Somerville-Str.1  28359 Bremen             fax: +49 421 22 232-99