Hi,
I am using krb5-1.10.1 with OpenLDAP in the backend. I am able to add
principals using addprinc and authenticate using kinit.
But if i use Apache DS API's to create a principal in OpenLDAP and authenticate
using knit the following error occurs.
krb5kdc[32478](info): AS_REQ (7 etypes {18 17 16 23 1 3 2}) ::1:
LOOKING_UP_CLIENT: [email protected] for krbtgt/[email protected],
unable to decode stored principal key data (ASN.1 identifier doesn't match
expected value)
To do kinit authentication in kerberos, How to encode the krbPrincipalKey
before writing into OpenLDAP using ApacheDS API? Could anyone help on this
issue.
The krb5.conf has the following entry for encryption.
[libdefaults]
ticket_lifetime = 600
default_realm = EXAMPLE.COM
default_tgs_enctypes = des3-hmac-sha1 des-cbc-md5
dafault_tkt_enctypes = des3-hamc-sha1 des-cbc-md5
allow_weak_crypto = true
Thanks
Rajeswari
________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
