[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Client expired

To: heimdal-discuss@sics.se
Subject: Client expired
From: Stefan Gohmann <gohmann@univention.de>
Date: Wed, 5 Dec 2007 08:41:25 +0100
List-Archive: <http://list.sics.se/sympa/arc/heimdal-discuss>
List-Help: <mailto:sympa@sics.se?subject=help>
List-Id: <heimdal-discuss.sics.se>
List-Owner: <mailto:heimdal-discuss-request@sics.se>
List-Post: <mailto:heimdal-discuss@sics.se>
List-Subscribe: <mailto:sympa@sics.se?subject=subscribe%20heimdal-discuss>
List-Unsubscribe: <mailto:sympa@sics.se?subject=unsubscribe%20heimdal-discuss>
Organization: Univention GmbH
Reply-To: heimdal-discuss@sics.se, Stefan Gohmann <gohmann@univention.de>
User-Agent: KMail/1.9.6 (enterprise 20071102.731871)

Hello,

I have a problem with my account in our domain. We are using Heimdal 0.7.2 
(Debian etch packages) with the LDAP backend.

If I try to get a ticket I got the following output:

root@anton:~# kinit stefan
stefan@KNUT.UNIVENTION.DE's Password:
kinit: krb5_get_init_creds: Client (stefan@KNUT.UNIVENTION.DE) expired
root@anton:~#       

The kadmin -l shows me:
root@anton:~# kadmin -l get stefan
            Principal: stefan@KNUT.UNIVENTION.DE
    Principal expires: never
     Password expires: 2008-01-24 07:32:02 UTC
 Last password change: never
      Max ticket life: unlimited
   Max renewable life: unlimited
                 Kvno: 3
                Mkvno: 0
Last successful login: never
    Last failed login: never
   Failed login count: 0
        Last modified: 2007-12-05 07:32:03 UTC
             Modifier: stefan@KNUT.UNIVENTION.DE
           Attributes:
             Keytypes: aes256-cts-hmac-sha1-96(pw-salt), 
aes128-cts-hmac-sha1-96(pw-salt), des3-cbc-sha1(pw-salt), des3-cbc-md5
(pw-salt), arcfour-hmac-md5(pw-salt), des-cbc-md5(pw-salt), des-cbc-md4
(pw-salt), des-cbc-crc(pw-salt), arcfour-hmac-md5(pw-salt)

And a dump:
root@anton:~# kadmin -l dump | grep ^stefan@KNUT.UNIVENTION.DE
stefan@KNUT.UNIVENTION.DE 
3::18:b165d107e5aec06adb6295c516a8c893dad82d91146bf297b4b4323feec043d7:-::17:4c5c62f3edf55db58e4e937803328afc:-::16:1023c13e459dc1758fb979eff749a8c4baeab525ef079162:-::5:a75d027589b92c8fb6c162c7867ce97fa125b6a70d3eea9b:-::23:caa1239d44da7edf926bce39f5c65d0f:-::3:40dc2acb8a3780fd:-::2:40dc2acb8a3780fd:-::1:40dc2acb8a3780fd:-::23:caa1239d44da7edf926bce39f5c65d0f:- 
20040602101607:UNKNOWN 20071205073203:stefan@KNUT.UNIVENTION.DE - 
19700101000000 20080124073202 - - 126 -

Were does the 19700101000000 come from? And could I delete the entry, so that 
I got a valid account?

Cheers
Stefan
-- 
Stefan Gohmann         Entwicklung              gohmann@univention.de
Univention GmbH        Linux for your Business  fon: +49 421 22 232- 0
Mary-Somerville-Str.1  28359 Bremen             fax: +49 421 22 232-99
                       http://www.univention.de

Follow-Ups:
- Re: Client expired
  - From: Stefan Gohmann <gohmann@univention.de>

Prev by Date: Re: Difference in handling SPNEGO tokens between heimdal 0.7.2 , 0.8.1 and 1.0.1
Next by Date: Fisheye is not working
Prev by thread: Re: Should kadmin ask for password
Next by thread: Re: Client expired
Index(es):
- Date
- Thread