Joining OSX server to windows 2000 AD KDC

Trivial moedcno at yahoo.ca
Thu Jul 13 21:28:54 EDT 2006 

Richard E. Silverman a =E9crit :

> >
> > Hi All,
> > I'm trying to join OSX server 10.4.7 to a windows 2000 Active Directory
> > KDC server. After I join the OSX server to the AD server (with
> > Directory Acces), I start Server Admin fallow by Open Directory and
> > then Settings. I change the Role of the server from Stanalone Server to
> > Connected to a Directory system and finally I click on Join Kerberos. I
> > fill the fields and receive the error message below when I click the OK
> > button:
> >
> > Kerberos keytab error. Error while creating the Kerberos keytab file
> > for this server.
> >
> > I also found in the /Library/Logs/slapconfig.log file this information:
> >
> > 2006-07-12 09:00:36 -0400 - slapconfig -sso_util
> > 2006-07-12 09:00:36 -0400 - command: /usr/sbin/sso_util configure -r
> > MY_KERBOROS_REALM -a KDC_ADM_LOGIN -p **** -v 1 all
> > 2006-07-12 09:00:38 -0400 - sso_util command output:
> > Contacting the directory server
> > Creating the service list
> > Creating the service principals
> > kadmin: Database error! Required KADM5 principal missing while
> > initializing kadmin interface
>
> This looks as if the principal kadmin/admin at MY_KERBOROS_REALM is missing.
>
> > kadmin: Database error! Required KADM5 principal missing while
> > initializing kadmin interface
> > kadmin: Database error! Required KADM5 principal missing while
> > initializing kadmin interface
> > kadmin: Database error! Required KADM5 principal missing while
> > initializing kadmin interface
> > kadmin: Database error! Required KADM5 principal missing while
> > initializing kadmin interface
> > kadmin: Database error! Required KADM5 principal missing while
> > initializing kadmin interface
> > kadmin: Database error! Required KADM5 principal missing while
> > initializing kadmin interface
> > kadmin: Database error! Required KADM5 principal missing while
> > initializing kadmin interface
> > kadmin: Database error! Required KADM5 principal missing while
> > initializing kadmin interface
> > kadmin: Database error! Required KADM5 principal missing while
> > initializing kadmin interface
> > kadmin: Database error! Required KADM5 principal missing while
> > initializing kadmin interface
> > kadmin: Database error! Required KADM5 principal missing while
> > initializing kadmin interface
> > 2006-07-12 09:00:38 -0400 - sso_util command failed with status 2
> >
> > Anybody have clues on that?
>
> Best regards
>
> Yvan Michaud
> System Administrator
> University of Sherbrooke
>
>
> --
>   Richard Silverman
>   res at qoxp.net

Richard,

Thank for that fast response. I'm kind of newbie with Kerberos. I check
on the MIT web site to have a definition of principal but it still not
clear to me. Here, the output  of the kadmin get_principal command:

OSX_server:~ admin_login$ kadmin get_principal
Authenticating as principal admin/admin at MY_KERBEROS_REALM with
password.
kadmin: Client not found in Kerberos database while initializing kadmin
interface

Could you tell me more on the clue you gave to me (This looks as if the
principal kadmin/admin at MY_KERBOROS_REALM is missing.)?

Regards

Yvan Michaud
System Administrator
University of Sherbrooke

More information about the Kerberos mailing list