Client not able to determine default realm - tried the obvious
Jeff Blaine
jblaine at mitre.org
Fri Feb 10 15:25:10 EST 2006
I'm stumped for sure.
Kerberos 1.4.3 with --disable-dns
/etc/krb5.conf is -rw-r--r--
It contains (among other things):
#-------------------------------------
[libdefaults]
default_realm = JBTEST
[realms]
JBTEST = {
kdc = 192.168.168.3
admin_server = 192.168.168.3
}
#-------------------------------------
This fails to forward ticket:
telnet -a 192.168.168.3
and /var/adm/krb5kdc.log shows all sorts of unwanted
logic trying to figure out the realm name (and failing).
It's in the file! Use it!
truss 'telnet -a 192.168.168.3' shows:
...
open("/etc/krb5.conf", O_RDONLY) = 5
access("/etc/krb5.conf", 2) Err#13 EACCES
^^^ ????? ^^^
Specifying the realm with '-k JBTEST' logs me right in
with forwarded TGT.
More information about the Kerberos
mailing list