The arcfour string-to-key operation in krb5 1.7 (or later) disagrees with the dummy password used by the addprinc -randkey operation in krb5 1.6's kadmin client, because it's not valid UTF-8. Recognize the 1.6 dummy password and use a random password instead. https://github.com/krb5/krb5/commit/f6b381170552b311793a593e10e2108a10b0397b Commit By: ghudson Revision: 23610 Changed Files: U trunk/src/lib/kadm5/srv/svr_principal.c