directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Snake <>
Subject Re: [ApacheDS] "Pre-authentication information was invalid " error
Date Sat, 05 Jun 2010 16:38:35 GMT
No problem about the documentation issue.Thanks for replying to me.

By the way, I managed to figure out the problem: the machines had their 
clock desyncronized by over an hour x)

I was assuming that the system administrator that supplied to me the 
machines would have set their dates correctly, but it seems assumptions 
can be an inderance sometimes. Thanks again for your help!

Emmanuel Lecharny wrote:
> On 6/5/10 4:04 AM, Snake wrote:
>> Greetings
>> I've set up ApacheDS in a remote machine, and activated its Kerberos 
>> service. I'm trying to test it using the client/server "hello world" 
>> made by java monkey, available in this link: 

>> I was managing to get it to work in my local machine - both the kdc 
>> and the demo were running in my computer. But when I installed 
>> ApacheDS in a remote host, with the same server.xml file, the demo 
>> didn't work anymore. I started getting this "Pre-authentication 
>> information was invalid " error. To make sure the problem was due to 
>> the demo and the kdc being in diferente machines, I installed the 
>> demo in the remote machine where I also installed the kdc, I run it 
>> there, and it got back to work properly. It seems that both the demo 
>> and kdc need to be in the same machine.
>> I assume that if I get to disable the pre-authentication I can get 
>> past this issue. I consulted the online documentation, and I assume 
>> that I need to put something like this in the server.xml file:
>> <bean id="kdcConfiguration" 
>> class="">
>> <property name="paEncTimestampRequired" value="false" />
>> </bean>
>> The problem is, I don't know where this should be inside the file. 
>> Could anyone give me a hint about where to put this configuration, or 
>> how to resolve this issue in another way? I really need to get this 
>> thing to work :\
>> Thanks in advance.
> Sorry for the missing documentation :/ It's *really* lagging here... 
> Time is an expensive resource !
> So you have to put it in the kdcServer part of the server.xml file :
> <kdcServer id="kdcServer" paEncTimestampRequired="false">
> <transports>
> <tcpTransport port="60088" nbThreads="4" backLog="50"/>
> <udpTransport port="60088" nbThreads="4" backLog="50"/>
> </transports>
> <directoryService>#directoryService</directoryService>
> </kdcServer>

View raw message