Ubuntu
krb5 package

credential verification failed: KDC has no support for encryption type

Bug #1119465 reported by Ralf Hildebrandt
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
krb5 (Ubuntu)
Confirmed
Medium
Unassigned

Bug Description

Basically this is http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669127 but on Ubuntu.
I'm trying to authenticate against Active Directory, and starting with version 1.10+dfsg~beta1-2ubuntu0.3 of the kerberos packages I'm getting these errors:

Feb 8 15:38:09 vpn-gw-ausfall openvpn[9031]: pam_krb5(openvpn-krb5:auth): pam_sm_authenticate: entry
Feb 8 15:38:09 vpn-gw-ausfall openvpn[9031]: pam_krb5(openvpn-krb5:auth): pam_sm_authenticate: entry
Feb 8 15:38:09 vpn-gw-ausfall openvpn[9031]: pam_krb5(openvpn-krb5:auth): (user hildeb) attempting authentication as <email address hidden>
Feb 8 15:38:09 vpn-gw-ausfall openvpn[9031]: pam_krb5(openvpn-krb5:auth): (user hildeb) attempting authentication as <email address hidden>
Feb 8 15:38:09 vpn-gw-ausfall openvpn[9031]: pam_krb5(openvpn-krb5:auth): (user hildeb) credential verification failed: KDC has no support for encryption type
Feb 8 15:38:09 vpn-gw-ausfall openvpn[9031]: pam_krb5(openvpn-krb5:auth): (user hildeb) credential verification failed: KDC has no support for encryption type
Feb 8 15:38:09 vpn-gw-ausfall openvpn[9031]: pam_krb5(openvpn-krb5:auth): authentication failure; logname=hildeb uid=0 euid=0 tty= ruser= rhost=
Feb 8 15:38:09 vpn-gw-ausfall openvpn[9031]: pam_krb5(openvpn-krb5:auth): pam_sm_authenticate: exit (failure)
Feb 8 15:38:09 vpn-gw-ausfall openvpn[9031]: pam_krb5(openvpn-krb5:auth): authentication failure; logname=hildeb uid=0 euid=0 tty= ruser= rhost=
Feb 8 15:38:09 vpn-gw-ausfall openvpn[9031]: pam_krb5(openvpn-krb5:auth): pam_sm_authenticate: exit (failure)

ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: libpam-krb5 4.5-3
ProcVersionSignature: Ubuntu 3.2.0-29.46-generic 3.2.24
Uname: Linux 3.2.0-29-generic x86_64
ApportVersion: 2.0.1-0ubuntu15.1
Architecture: amd64
Date: Fri Feb 8 15:40:55 2013
InstallationMedia: Ubuntu-Server 12.04.1 LTS "Precise Pangolin" - Release amd64 (20120817.3)
MarkForUpload: True
ProcEnviron:
 LANGUAGE=en_US:en
 TERM=xterm
 PATH=(custom, no user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: libpam-krb5
UpgradeStatus: No upgrade log present (probably fresh install)

Revision history for this message
Ralf Hildebrandt (ralf-hildebrandt) wrote :
Revision history for this message
Russ Allbery (rra-debian) wrote :

Reassigning to krb5, as:

Feb 8 15:38:09 vpn-gw-ausfall openvpn[9031]: pam_krb5(openvpn-krb5:auth): (user hildeb) credential verification failed: KDC has no support for encryption type

is an error message from the underlying Kerberos library that libpam-krb5 can't do anything about. libpam-krb5 itself doesn't know (or care) anything about enctypes.

affects: libpam-krb5 (Ubuntu) → krb5 (Ubuntu)
Robie Basak (racb)
Changed in krb5 (Ubuntu):
importance: Undecided → Medium
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in krb5 (Ubuntu):
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.