<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2600.0" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>hello all,</FONT></DIV>
<DIV><FONT face=Arial size=2>
i am having a problem in using kerberos kadmin to add
principal in database, from kerberized server. The steps i followed to setup the
master KDC are</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>1. kdb5_util create -r TEST.COM
-s</FONT></DIV>
<DIV><FONT face=Arial size=2>2. kadmin.local -q "addprinc
admin/admin@TEST.COM"</FONT></DIV>
<DIV><FONT face=Arial size=2>3. In kadmin.local: </FONT></DIV>
<DIV><FONT face=Arial size=2>
ktadd -k /usr/local/var/krb5kdc/kadm5.keytab kadmin/admin
kadmin/changepw</FONT></DIV>
<DIV><FONT face=Arial size=2>4. started krb5kdc and
kadmind</FONT></DIV>
<DIV><FONT face=Arial size=2>5. In kdc.conf i added entry for kadm5.keytab
location as</FONT></DIV>
<DIV><FONT face=Arial size=2>
admin_keytab=FILE:/usr/local/var/krb5kdc/kadm5.keytab </FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>No problem in KDC.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>But when i try to add principal from kerberized
server I got an error from kadmin as</FONT></DIV>
<DIV><FONT face=Arial size=2> Operation requires ``list''
privilege while retrieving list when using listprincs</FONT></DIV>
<DIV><FONT face=Arial size=2> Operation requires ``add'
privilege while adding. </FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2> I am having kadm5.acl in
/var/kerberos/krb5kdc/ and also having entry in kdc.conf.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2> What is the problem? Anything could be
added in adm5.acl?</FONT></DIV>
<DIV><FONT face=Arial size=2> </FONT></DIV>
<DIV> <FONT face=Arial size=2>advance thanks</FONT></DIV>
<DIV><FONT face=Arial size=2>saratha</FONT></DIV></BODY></HTML>