I think you're on to something here. I just reset the user's password on IPA and get the "password expired" message but I get that regardless of what I enter for the user's password. I'm confused as to why I can make the user auth work with a normal KDC but I'm having so much trouble with IPA-KDC. Going to wipe the Win7 config and start fresh on that system.
On Mon, Sep 19, 2011 at 10:31 AM, Simo Sorce <[email protected]> wrote: > On Mon, 2011-09-19 at 10:10 -0400, Jimmy wrote: > > I have verified that the password set for the workstation in the > > kerberos host principal(using ipa-getkeytab) and the password on the > > host (using ksetup) are the same. I'm still getting the " Decrypt > > integrity check failed" errors. I have also verified that the system > > clock is accurate on both the KDC and the workstation. What else could > > be causing this? As I have said, this system authenticates flawlessly > > against other KDC's I have set up. > > The thing that is failing is your user password does not check with what > the KDC thinks is the user's secret. You are not yet to the stage where > the machine password is tried. > > Simo. > > > > -- > Simo Sorce * Red Hat, Inc * New York > >
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
