problem in adding principal using kadmin from kerberized server

Sridhar Bandi bandis at india.hp.com
Tue Aug 6 09:06:37 EDT 2002


Hello saratha,

    Could you please let us know what does adm5.acl file contains,
    I guess you have not added the entry "*/admin *" to the file.
    If you add this then it should work.

Regards
Bandi

saratha wrote:

> hello all,            i am having a problem in using kerberos kadmin
> to add principal in database, from kerberized server. The steps i
> followed to setup the master KDC are 1. kdb5_util create -r TEST.COM
> -s2. kadmin.local -q "addprinc admin/admin at TEST.COM"3. In
> kadmin.local:            ktadd -k /usr/local/var/krb5kdc/kadm5.keytab
> kadmin/admin kadmin/changepw4. started  krb5kdc and kadmind5. In
> kdc.conf i added entry for kadm5.keytab location as
> admin_keytab=FILE:/usr/local/var/krb5kdc/kadm5.keytab No problem in
> KDC. But when i try to add principal from kerberized server I got an
> error from kadmin as    Operation requires ``list'' privilege while
> retrieving list when using listprincs     Operation requires ``add'
> privilege while adding.  I am having kadm5.acl in
> /var/kerberos/krb5kdc/ and also having entry in kdc.conf.  What is the
> problem?  Anything could be added in adm5.acl?  advance thankssaratha




More information about the Kerberos mailing list