I just upgraded from redhat 9.0 to 9.2 on a set of kerberos servers, fortunately a test
system. I can't kinit as existing users. If I add a user I can kinit as them. Changing
the password doesn't help. krb5kdc says
May 15 13:58:30
krb1.cs.rutgers.edu krb5kdc[652884](info): AS_REQ (4 etypes
{aes256-cts-hmac-sha1-96(18), aes256-cts-hmac-sha384-192(20),
aes128-cts-hmac-sha256-128(19), aes128-cts-hmac-sha1-96(17)}) 128.6.157.187:
HANDLE_AUTHDATA: clh(a)CS.RUTGERS.EDU for kadmin/changepw(a)CS.RUTGERS.EDU, No such file or
directory
The only difference I see in ldap attributes between the existing and new user is that the
new user has
ipaNTSecurityIdentifier: S-1-5-21-3719230765-1403434741-3275474567-88461
and
objectClass: ipantuserattrs
We are not using anything Windows-related