Using NetBSD 5.0 on Intel. Upgraded from krb5-1.6.3 with patches to krb5-1.7. kadmind logging now looks like this: Jun 16 16:35:36 juggler.panix.com kadmind[14915](Notice): chpw request from for elr@PANIX.COM: success Looked a little deeper - it's this code in src/kadmin/server/schpw.c that is kicking in: if (getnameinfo(ss2sa(&ss), salen, addrbuf, sizeof(addrbuf), NULL, 0, NI_NUMERICHOST | NI_NUMERICSERV) != 0) strlcpy(addrbuf, "", sizeof(addrbuf)); And the return code from getnameinfo was 4 (name resolution failure). I'm confused by this code, which appears in several spots in krb5 - it seems to disable logging of source IP addresses of requests if there's a local resolution error? Why not just show the IP address and leave it at that? My build process gave these flags to ./configure (same as what we used for previous versions): configflags="\ --prefix=/pkg/$PRODUCT \ --mandir=/pkg/$PRODUCT/man \ CFLAGS='-fstack-protector -D_FORTIFY_SOURCE=2' \ --sysconfdir=/etc/kerberosV \ --localstatedir=/var \ --libdir=/pkg/$PRODUCT/kerblib \ --enable-shared \ " krb5-config info: -I/pkg/krb5-1.7/include -L/pkg/krb5-1.7/kerblib -R/pkg/krb5-1.7/kerblib -lkrb5 -lk5crypto -lcom_err -lresolv Thanks, -- Ed