Help
Paulo Oliveira
bad_boy_sk8 at hotmail.com
Thu Nov 11 09:08:45 EST 2010
My Kerberos is running now !!
Thank you very much Guys !!
Your help were very important for me.
Thanks Again.
Paulo R.
> Date: Wed, 10 Nov 2010 19:17:49 +0000
> From: B.Candler at pobox.com
> To: bad_boy_sk8 at hotmail.com
> CC: kerberos at MIT.EDU
> Subject: Re: Help
>
> On Tue, Nov 09, 2010 at 04:29:05PM -0200, Paulo Oliveira wrote:
> > Now I am with problem in authentication. I type kinit paulo at teste.uem and appear:
> >
> > Nov 09 16:16:26 paulo-laptop krb5kdc[3372](info): AS_REQ (7 etypes {18 17 16 23 1 3 2}) 127.0.0.1: CLIENT_NOT_FOUND: paulo at teste.uem for krbtgt/teste.uem at teste.uem, Client not found in Kerberos database
> >
> >
> > In my kadm5.acl file has the user such as below:
> >
> > */paulo at teste.uem
>
> Firstly, it's "kinit paulo at TESTE.UEM" - note the capitals - or just
> "kinit paulo", if you have the default realm set as TESTE.UEM in
> /etc/krb5.conf.
>
> Next, the file kadm5.acl is only a list of which principals are kerberos
> administrators - that is, which principals have rights to add, modify or
> remove other principals.
>
> So you still have to create a principal paulo at TESTE.UEM before they can
> kinit. You can do this using kadmin.local on the KDC itself, which solves
> the chicken-and-egg problem of how to create your administrator principal
> before you have any administrators.
>
> Once this is done, you no longer need kadmin.local - instead use kadmin from
> a remote workstation, which talks to kadmind over TCP.
More information about the Kerberos
mailing list