Password-changing from Windows

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Password-changing from Windows

Mike Friedman
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Is there a known problem with the password-changing interface from Windows
to an MIT KDC, either 1.3.4 or 1.4.2?  Based on testing by one of my
colleagues who works in the Windows environment, it seems that
password-changing, either using the native Windows Kerberos
password-change facilities or even the MIT-supplied KfW (2.6.5) kpasswd
command and the Leash GUI, the following message is received on the
Windows side:

    Server error: Failed decrypting request

The KDC logs show a successful issuing of the kadmin/changepw service
credential, but no further action indicating a change password
transaction.

I believe we've never been able to get native Windows password-changing to
work against our MIT KDCs.

I wonder if this is just a configuration issue on our KDC.

Any suggestions?

Thanks.

Mike

_____________________________________________________________________
Mike Friedman                   System and Network Security
[hidden email]          2484 Shattuck Avenue
1-510-642-1410                  University of California at Berkeley
http://ack.Berkeley.EDU/~mikef  http://security.berkeley.edu
_____________________________________________________________________


-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8

iQA/AwUBQwS4W60bf1iNr4mCEQJNjgCeP4Itn3W/YeOo8p+ZCv+3EAuG/vAAn1UF
L1xaU6PuQyBel/qMFfkJ/2iv
=TCo3
-----END PGP SIGNATURE-----
________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos