Impossible kerberos autentication on AIX

Sam Hartman hartmans at MIT.EDU
Wed Feb 25 13:43:07 EST 2004


>>>>> "Sensei" == Sensei  <noone at nowhere.org> writes:
    Sensei> On AIX we have a really different thing:

    Sensei> 1. AS-REQ Client name:host type:Principal name:host
    Sensei> name:aix realm:MYREALM Server name:kadmin type:Principal
    Sensei> name:kadmin name:admin end time:1970-01-01 00:00:00

    Sensei> 2. KRB-ERROR ctime:<date is ok> stime:<date is ok>
    Sensei> susec:644378 error code:KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN
    Sensei> crealm:MYREALM cname:host type:Principal name:host
    Sensei> name:aix realm:MYREALM sname:kadmin type:Principal
    Sensei> name:kadmin name:admin etext:CLIENT_NOT_FOUND


How come the principal host/aix at MYREALM does not exist?  IT seems like
it should.


However the AIX box is doing something very strange and I'm concerned
about the implications of this.  I'd appreciate it if you could get me
a packet trace of what happens after you fix things so the client
principal it is using exists.



More information about the Kerberos mailing list