On 06/04/2015 09:45 PM, Ken Hornstein wrote:
> I haven't tried that combination, but from memory the issue is that
> the kpasswd protocol uses a KRB-PRIV message and the issue was that
> you can't omit an IP address from it (let me check ... yes, the sender's
> address is not optional in a KRB-PRIV
>I don't know what causes this, but it's definitely not you. I've seen
>this behavior for years. The client appears to be complaining about the
>response from the server, which it thinks has the wrong net address (or
>something; I was always murky on the details), but the change goes through
>any
Ben H writes:
> When utilizing Microsoft AD as a KDC against MIT clients, I am seeing
> the following error/warning when changing passwords via kpasswd:
> kpasswd: Incorrect net address changing password
> The password *is* properly changed, but this message displays.
I don't know what causes
I'm not 100% on the mechanics at the AD side on how your change is still
going through, but to avoid the error; Have you tested with setting within
the realms definition of the AD realm, along with kdc entry, provide
a kpasswd_server value pointing to the proper host you want the kpasswd
exchange t
When utilizing Microsoft AD as a KDC against MIT clients, I am seeing the
following error/warning when changing passwords via kpasswd:
kpasswd: Incorrect net address changing password
The password *is* properly changed, but this message displays.
Here's the rub:
The KDC being used for the pass
[[NOTE: I originally posted this reply to comp.protocols.kerberos but it
doesn't appear to have made it to the mailling list. That'll teach me. :-)]]
I continue to have the same problems (unfortunately I was unable
to participate in the latest teleconference). I have found that I
get the sam
