z/OS Communications Server: IP Messages Volume 3 (EZY)
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


EZYRS60E

z/OS Communications Server: IP Messages Volume 3 (EZY)
SC27-3656-00

Kerberos error - errortype

Explanation

This message is issued to syslog when the orshd server detects an error in the Kerberos communication with the client.

errortype can be one of the following:
V1 validation
In the Kerberos exchange between client and server, the V1 validation failed.
V2 validation
In the Kerberos exchange between client and server, the V2 validation failed.
AP REQ validation
In the Kerberos exchange between client and server, the AP REQ validation failed.
checksum failed
The orshd server start up configuration options specify that the Kerberos checksum must be valid (using -m option). In the Kerberos exchange between client and server, the checksum was not valid.
encryption required
The orshd server start up configuration options specify that kerberos and encryption will be used (using -e option). In the exchange between client and server, the client did not specify encryption.
forwarding is unsupported
Credentials forwarding was requested by the orsh Kerberos client. The orshd server does not support credentials forwarding.

System action

orshd ends.

Operator response

Contact the system or network administrator.

System programmer response

Turn on debugging for orshd to determine where in the Kerberos flow the error occurred. Verify that the orsh client is a valid Kerberos V5 client. There is probably a mismatch in the Kerberos support or options supported between the orsh client and server. Review the Kerberos configuration between the client and the server.

Module

rshdkerb

Procedure name

do_kerb5()

Parent topic: EZYRxxxx messages

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014