Solaris using Kerberos
David A Flores
David.A.Flores at uth.tmc.edu
Tue Dec 7 17:26:39 EST 2004
Help anyone,
We are using a Windows domain controller as a KDC and we are trying to
authenticate a Solaris 9.0 OS box using Kerberos. The following is the
command we use to create the keytab file:
ktpass -princ host/dean19.uthsch.edu at UTHSCU.EDU -mapuser dean19 -pass * -out
c:\dean19.keytab
Once we create the keytab file we send it to the sever via ssh. Attached
are the pam.conf file and the krb5.conf that we configured. One the
computer called dean19 we ran the ktutil
rkt /etc/krb5/dean.keytab
wkt /etc/krb5/krb5.keytab
After the rkt and the wkt commands we do a list and it shows a "slot KVNO
Principal"
We then validate the server's ability to communicate with the MS Kerberos
Domain Controller by requesting a Ticket Granting Ticket using kinit.
We then use klist to verify that a TGT has been issued.
But when we try to login to the box we get the following error.
Dec 7 16:27:38 dean19 login: [ID 537602 auth.error] PAM-KRB5 (auth):
krb5_verify_init_creds failed: Key table entry not found
We tried it on 2 solaris machines and we are getting the same error. Does
anyone know why this might be happening?
David Flores
Medical School Information Technology
System Analyst II
713-500-5211
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: pam.conf.txt
Url: http://mailman.mit.edu/pipermail/kerberos/attachments/20041207/1866224c/attachment.txt
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: krb5.conf.txt
Url: http://mailman.mit.edu/pipermail/kerberos/attachments/20041207/1866224c/attachment-0001.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4325 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20041207/1866224c/attachment.bin
More information about the Kerberos
mailing list