On 05/06/2015 10:45 AM, Meike Stone wrote: > I like to use kpasswd, but the kpasswd_server is behind a firewall and > only TCP port 464 is allowed. > But as i see, kpasswd only uses UDP. Setting udp_preference_limit to 0 > (under libdefaults) > didn't help.
The intent of the changepw.c code is to try both UDP and TCP first (typically beginning with a UDP query, but udp_preference_limit could cause a TCP query to be tried first), and then retry with only TCP if it gets back a KRB5KRB_ERR_RESPONSE_TOO_BIG error. As far as I know this code functions as intended. Can you describe in more detail what leads you to believe that it is only trying UDP? Also, what version are you using on the client, and what is running on the kpasswd server? ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
