On 04/13/2017 09:13 AM, Jaap Winius wrote: > Regrettably, no, I don't have the passwords. I copied the > 'service.keyfile 'and 'stash' files from the old systems hoped it > would work. Could it be that the required format or key type of one or > both of these files has changed? If so, then unless I can decrypt that > HEX value it will probably be necessary to create a new realm. If not, > then it does make troubleshooting a bit more difficult.
To my knowledge the format of that file has not changed, so I don't know why the 1.15 KDC isn't able to bind the LDAP server when the 1.10 KDCs can. The HEX value is not encrypted. It's just encoded in hex. So "3c" is the ASCII value 60 which is the character '<', and so forth. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
