Kerberos 5, kprop problem
Norbert Veber
nveber at pyre.virge.net
Tue Apr 16 11:22:17 EDT 2002
Srinivas Cheruku wrote:
> Look at the kdc logs. Then you will come to know whcih service principal it
> is looking for and from that you can make out why it is going wrong.
I was looking at the logs, but I could've sworn I didnt see anything
relevant until now :)
# /usr/local/sbin/kprop -f /usr/local/var/krb5kdc/slave_datatrans
kerberos-2.domain.com
Here it is:
Apr 16 11:12:41 abel krb5kdc[26689](info): AS_REQ (2 etypes {16 1})
10.0.1.3(88): CLIENT_NOT_FOUND: host/abel at REALM.COM for
host/weber.domain.com at REALM.COM, Client not found in Kerberos
database.
'abel' is the main server, it has a cname of 'kerberos'. 'weber' is one
of the secondaries, cname kerberos-2.
For some reason its trying to find the canonical hostname of the
machine. The installation manual said it should work with CNAMES..
Did I maybe screw up my domain/realm mappings? I have the following in
krb5.conf:
[domain_realm]
.domain.com = REALM.COM
domain.com = REALM.COM
Thanks,
Norbert
More information about the Kerberos
mailing list