kadmin problems

Wachdorf, Daniel R drwachd at sandia.gov
Tue Oct 14 20:24:23 EDT 2003


All the entries for everything are dce.sandia.gov.  I changed the name on
them before i posted the message.  I must have missed one.   

-----Original Message-----
From: John Dewey
To: Wachdorf, Daniel R
Cc: 'kerberos at mit.edu'
Sent: 10/14/2003 5:38 PM
Subject: Re: kadmin problems

kadm5.acl contains an entry of */admin at dce.sandia.gov.
Your kadmin is authing as drwachd/admin at test.sandia.gov.
Try kadmin -p drwachd/admin at DCE.SANDIA.GOV.


On Mon, Oct 13, 2003 at 04:53:27PM -0600, Wachdorf, Daniel R wrote:
> I am having trouble getting kadmin to work.  I can use kadmin.local
> any problem.
> i have setup the kadm5.acl file with this entry:
> */admin at dce.sandia.gov *
> i created the principal with the name drwachd/admin
> when i try to use kdamin i get this:
> [drwachd at mit drwachd]$ /usr/local/sbin/kadmin
> Authenticating as principal drwachd/admin at test.sandia.gov with
> Password for drwachd/admin at test.sandia.gov:
> Password for drwachd/admin at test.sandia.gov:
> kadmin: Preauthentication failed while initializing kadmin interface
> I see this in the krb5kdc.log file:
> Oct 13 16:53:20 test.sandia.gov krb5kdc[9711](info): preauth
> verify failure: No matching key in entry
> Oct 13 16:53:20 test.sandia.gov krb5kdc[9711](info): AS_REQ (4 etypes
{16 23
> 3 1}) PREAUTH_FAILED: drwachd/admin at test.sandia.gov
> kadmin/admin at test.sandia.gov, Preauthentication failed
> Anyone know whats going on?  I am running kadmin from the kdc, so it
> be a timeskew issue.  I am SURE the password is right.
> I have tried doing a kinit -S kadmin/admin
drwachd/admin at test.sandia.gov and
> it works fine.
> Any ideas?
> -dan
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos

More information about the Kerberos mailing list