Error accessing kadmin

Tyson Oswald oswaldt at ameritech.net
Fri Feb 13 13:16:02 EST 2004


Here is a list of the principals in my kerberos database

kadmin/elmer.TESTAD.NET at TESTAD.NET
kadmin/admin at TESTAD.NET
kadmin/changepw at TESTAD.NET
root/admin at TESTAD.NET
K/M at TESTAD.NET
krbtgt/TESTAD.NET at TESTAD.NET
kadmin/history at TESTAD.NET
kws/admin at TESTAD.NET

What account does the kadmin interface use?

oswaldt at ameritech.net (Tyson Oswald) wrote in message news:<738EFD3D-5DBB-11D8-9061-000A958B2E00 at ameritech.net>...
> thank you for your reply, i have created the kws/admin principal.  I 
> also created root/admin.  I even double checked my spelling my listing 
> the principals from kadmin.local and copying the text for the kws/admin 
> principal.
> 
> On Feb 12, 2004, at 03:00 PM, Wyllys Ingersoll wrote:
> 
> > On Thu, 2004-02-12 at 10:00, Tyson Oswald wrote:
> >> I am hoping someone can help me with this.
> >>
> >> I installed Sun Enterprise Authentication Mechanism on Solaris 8 and
> >> configured it based on the install procedure. I have the kdc and
> >> kdc.master daemons running. When I enter
> >> kadmin -p kws/admin
> >>
> >> I get Database Error! Requried KADM5 principal missing while
> >> initialing kadmin interface.
> >
> > When you run kadmin.local and list the principals in your
> > database (getprincs), does kws/admin appear?
> >
> > "kws/admin" was given in the documentation as an EXAMPLE,
> > its not automatically put in the DB. The reader is supposed
> > to create an admin principal for themselves.
> >
> > Example - if your normal user principal is "tyson",
> > you should create a principal called "tyson/admin" for administrative
> > duties.
> >
> > -Wyllys
> >
> >
> >>
> >> I am vrey baffeled by this error. I see very few references to it on
> >> groups.google.com or even docs.sun.com.  The only ones I find give no
> >> information on what the problem is or how to resolve it.  I am hoping
> >> someone here can shed some light on this problem.
> >>
> >> At first I thought it had something to do the kadm5.acl, but those
> >> acconnts exist in my keytab.  One thing to note, my krb5.conf got
> >> destroyed so I created a new one, which actually solved some other
> >> issues I was having.
> >>
> >> btw, kadmin.local works fine.
> >>
> >> any help would be appreciated.
> >>
> >> thank you,
> >>
> >> Tyson Owald
> >> ________________________________________________
> >> Kerberos mailing list           Kerberos at mit.edu
> >> https://mailman.mit.edu/mailman/listinfo/kerberos
> >
> 
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos


More information about the Kerberos mailing list