PAM Kerberos Release Note, HP 9000 Networking
Chapter 1 25
PAM Kerberos Release Note
Known Problems and Workarounds
Known Problems and Workarounds
• The kerberised system ftp service may list the /etc/issue file before the expected output.
Refer to sis(5) man page for more details on Secure Internet Services (SIS).
• "kdestroy -e <exp_period>" does not remove the credentials that have expired. Use klist
to determine the expired credentials followed by kdestroy or kdestroy -c cachename.
• klist (which is part of HP-UX OS) will list the credentials along with a message indicating
DCE identity is not available:
"No DCE identity available: No currently established network identity for
which context exists (dce/sec)"
• If the password has expired on a Microsoft Windows 2000 KDC, the user will not be
prompt for a new password and cannot login. This is a known problem in Microsoft
Windows 2000.