Solaris 8 and mit kdc

Manel Euro euro_32 at hotmail.com
Tue Jul 5 11:31:26 EDT 2005


Thank you for your emails.

I have been out of the office.
I will try the advices as soon as I get back.
Thank you,
M.


fsoliv wrote:

>  Before typing this command I do kinit -f username.
>
>  Also, i can't find a field in seam's krb5.conf file to configure the
>  location of the keytabs. I have placed the krb5.keytab extracted
>  from a linux machine into /etc/krb5/.

That is correct.   The keytab on Solaris is /etc/krb5/krb5.keytab

On the Solaris box (as root), run "klist -ke" - this should show
you the contents of the keytab file.  It *should* contain
a DES key for "host/foo.bar.com at YOUR.REALM" (Solaris 8).

Also, look in the KDC log files to see if the either the client
or the server is requesting keys for things the KDC does
not know about.

Kerberos is very sensitive to naming issues - we like to recommend
that you always use fully qualified hostnames for your host
based service principals and make sure that your naming
service returns f.q.d.n names for reverse address lookups.

What naming service are you using to resolve hostnames
(DNS, NIS, or just flat files like /etc/hosts) ?

-Wyllys

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today - it's FREE! 
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/



More information about the Kerberos mailing list