On Tue, 12 Apr 2011, Alain Péan wrote:
Sorrry, little error with the output of klit -ke, because I am testing
on a test AD domain at this moment. On the first machine, output is :
# klist -ke
Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
----
--------------------------------------------------------------------------
2 host/appleton.lab-lpp.local@xxxxxxxxxxxxx (DES cbc mode with CRC-32)
2 host/appleton.lab-lpp.local@xxxxxxxxxxxxx (DES cbc mode with RSA-MD5)
2 host/appleton.lab-lpp.local@xxxxxxxxxxxxx (ArcFour with HMAC/md5)
2 host/appleton@xxxxxxxxxxxxx (DES cbc mode with CRC-32)
2 host/appleton@xxxxxxxxxxxxx (DES cbc mode with RSA-MD5)
2 host/appleton@xxxxxxxxxxxxx (ArcFour with HMAC/md5)
2 APPLETON$@LAB-LPP.LOCAL (DES cbc mode with CRC-32)
2 APPLETON$@LAB-LPP.LOCAL (DES cbc mode with RSA-MD5)
2 APPLETON$@LAB-LPP.LOCAL (ArcFour with HMAC/md5)
You're still lightly mixing machines though, as your error before referred to
'bardeen' not appleton. I'm not certain that I've seen a complete picture
here.
I think disabling validate would still get you back to your old behaviour, but
that there's something wrong with the keytabs on these machines.
jh
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
