my credentionls doesn't save in App server or Client machine..

Aruna Lakmal john.fernando.1982 at gmail.com
Thu Apr 20 00:22:48 EDT 2006


hey Gys..

I've problems my linux kerberos server.
My kerberos server have installed in my computer and applications server
is another network in my LAN.
I've configured a web server with kerberos 5.

My /etc/krb.conf :

[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 default_realm = KRB.MNETPLUS.COM <http://krb.mnetplus.com/>
 default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc
 default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc
 dns_lookup_realm = false
 dns_lookup_kdc = false

[realms]
  KRB.MNETPLUS.COM <http://krb.mnetplus.com/>  = {
  kdc = krb.mnetplus.com:88
  admin_server = krb.mnetplus.com:749
  default_domain = krb.mnetplus.com
 }

[domain_realm]
 .krb.mnetplus.com = KRB.MNETPLUS.COM <http://krb.mnetplus.com/>
  krb.mnetplus.com = KRB.MNETPLUS.COM <http://krb.mnetplus.com/>

[kdc]
 profile = /usr/local/var/krb5kdc/kdc.conf

[appdefaults]
 kinit = {
   forwardable = true
 }
 telnetd = {
   forwardable = true
 }
 klogind = {
   forwardable = true
 }
 pam = {
   debug = false
   ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
   krb4_convert = false
 }

My /usr/local/var/krb5kdc/kdc.conf

[kdcdefaults]
    kdc_ports = 750,88

[realms]
    KRB.MNETPLUS.COM <http://krb.mnetplus.com/> = {
        profile = /etc/krb5.conf
        database_name = /usr/local/var/krb5kdc/principal
            admin_database_name = /usr/local/var/krb5kdc/kadm5_adb
            admin_database_lockfile = /usr/local/var/krb5kdc/kadm5_adb.lock
        admin_keytab = FILE:/usr/local/var/krb5kdc/kadm5.keytab
        acl_file = /usr/local/var/krb5kdc/kadm5.acl
        key_stash_file = /usr/local/var/krb5kdc/.k5.KRB.MNETPLUS.COM
        kdc_ports = 750,88
        max_life = 10h 0m 0s
        max_renewable_life = 7d 0h 0m 0s
        supported_enctypes = des-cbc-crc:normal des:normal des:v4
des:norealm des:onlyrealm des:afs3
    }
[logging]
         kdc = FILE:/var/log/krb5kdc.log
         admin_server = FILE:/var/log/kadmin.log

My /etc/krb5.conf

KRB.MNETPLUS.COM <http://krb.mnetplus.com/>
KRB.MNETPLUS.COM <http://krb.mnetplus.com/>    krb.mnetplus.com:88
KRB.MNETPLUS.COM <http://krb.mnetplus.com/>    krb.mnetplus.com:749 admin
server
krb.mnetplus.com    krb.mnetplus.com
krb.mnetplus.com    krb.mnetplus.com admin server

These are my points:

one:  when i try to access web server from any compuer with kerberos
supported browser
 it ask password to access my sercure web page every time after browser
closes and access
to web page. after accessing the web page entering password I tryied with
klist, but it says
there is no credentiols saved in cash..
I can't fine where is ther error.
plase help me.



More information about the Kerberos mailing list