John Nietzsche wrote:
Hi folks,
i have configured my openbsd kerberos server. It is serving two other
computer in my home network. One of this client is running openbsd the
other is Windows XP.
I am able to login into any of these 2 client and authentication goes
through kerberos 100% successful. I can log in to the server 100% ok.
After logged in any given machine, i can reach another through
obtaining a service ticket, what gives me a SSO enviroment.
The problem is that i cannot change password from any of those
machine, i got the following:
[EMAIL PROTECTED] passwd -K
[EMAIL PROTECTED]'s Password:
New password:
Verifying password - New password:
Reply from server: Authentication failed
[EMAIL PROTECTED]
[EMAIL PROTECTED] passwd -K
[EMAIL PROTECTED]'s Password:
New password:
Verifying password - New password:
Reply from server: Authentication failed
[EMAIL PROTECTED]
And on windows i get a screen witht he following:
1326: Logon failure: unknow user or bad password.
What i cannot understand is why i can login on any of the machine, but
cannot change password.
What am i doing wrong?
OpenBSD machine is 4.3 stable and the other, Windows XP.
Kerberos(heimdal) is the standard that comes with OpenBSD 4.3
1) Is kpasswdd(8) running on the Kerberos master?
2) Is a firewall blocking traffic on port 464/udp?
Kerberos ticket services run on port 88. The Kerberos admin and newer
password changing protocols run on port 749/tcp. OpenBSD still uses the
old password changing protocol which utilizes port 464/udp.
If needed, you can change the port that kpasswdd(8) listens on.
