Directory Studio
  1. Directory Studio
  2. DIRSTUDIO-873

Kerberos encryption types are not saved correctly



      We can't change the Encryption Types values in the Kerberos Configuration page. If we do so, we immediately get the following exception when starting the server :

      'The server 'xxxx' cannot be started.
      Cause: ERR_0444_CANNOT_NORMALIZE_VALUE Cnnot normalize the wrapped value ERR_04473_NOT_VALID_VALUE Not a valid value '[des-cbs-md5, rc4-hmac]' for the ...

      It seems that the cofigurator tries to store the value as is.

      If we modify the values by hand in the config.ldif file, for instance :

      dn: ads-serverId=kerberosServer,ou=servers,ads-directoryServiceId=default,ou=config
      ads-krbEncryptionTypes: des-cbc-md5
      ads-krbEncryptionTypes: rc4-hmac

      then in the GUI, the EncryptionTypes is now : [des-cbc-md5, rc4-hmac]

      So there is an incompatible config/gui transformation that works in the config -> GUI way, but not in the other way.


        Pierre-Arnaud Marcelot made changes -
        Status Resolved [ 5 ] Closed [ 6 ]
        Pierre-Arnaud Marcelot made changes -
        Status Open [ 1 ] Resolved [ 5 ]
        Resolution Fixed [ 1 ]
        Pierre-Arnaud Marcelot made changes -
        Assignee Pierre-Arnaud Marcelot [ pamarcelot ]
        Fix Version/s 2.0.0-M6 [ 12324038 ]
        Fix Version/s 2.0.0 [ 12314306 ]
        Component/s studio-apacheds-configuration [ 12311753 ]
        Pierre-Arnaud Marcelot made changes -
        Field Original Value New Value
        Summary Cannot add a new EncryptionKey in the Kerberos configuration Kerberos encryption types are not saved correctly
        Emmanuel Lecharny created issue -


          • Assignee:
            Pierre-Arnaud Marcelot
            Emmanuel Lecharny
          • Votes:
            0 Vote for this issue
            2 Start watching this issue


            • Created: