directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Zheng, Kai" <>
Subject RE: Kerberos issue - reg
Date Fri, 06 Mar 2015 23:08:39 GMT
Did you run kinit on Linux with MIT Kerberos client package installed ? Or you’re running
any Java provided kinit command ?

The issue might be related to the issue,

This is possible because ApacheDS currently relies on JRE in the encryption support. Similar
issues like this had been complained quite much if you’d like google about it. Unfortunately
no plain solution is clear to me. One stupid way to work around this would suggest you disable
preauth if ApacheDS server allows that via configuration.

By the way, we will check compatibility between Kerby with MIT Kerberos/MS AD and keep such
issue in mind. With such aspects resolved we would enhance ApacheDS by leveraging Kerby library
if the server still desire to embed a KDC server. But this won’t happen so soon so it may
not help for you at this time.


From: kumar r []
Sent: Friday, March 06, 2015 7:02 PM
Subject: Kerberos issue - reg

   I have installed ApacheDS 2.0.0-M19, i could successfully create users, groups  using ldap.
When i enable kerberos, it couldn't authenticate from apache studio or kinit command. When
trying to get ticket using kinit command, i am getting "Integrity check on decrypted field
failed" exception. When i use invalid principal, it shows "client not found". It seems that
 it could contact KDC server in apacheds but it might be encryption problem. Checked these
in windows 8 OS. Referred many links but unable to find the solution. Found two jira task
link related to this problem
  I have created krbtgt and ldap service referred in
  Can you please tell me how to solve this problem?
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message