Joining OSX server to windows 2000 AD KDC
Trivial
moedcno at yahoo.ca
Tue Jul 18 13:34:28 EDT 2006
Trivial wrote:
> Richard E. Silverman a =E9crit :
>
> > >
> > > Hi All,
> > > I'm trying to join OSX server 10.4.7 to a windows 2000 Active Directo=
ry
> > > KDC server. After I join the OSX server to the AD server (with
> > > Directory Acces), I start Server Admin fallow by Open Directory and
> > > then Settings. I change the Role of the server from Stanalone Server =
to
> > > Connected to a Directory system and finally I click on Join Kerberos.=
I
> > > fill the fields and receive the error message below when I click the =
OK
> > > button:
> > >
> > > Kerberos keytab error. Error while creating the Kerberos keytab file
> > > for this server.
> > >
> > > I also found in the /Library/Logs/slapconfig.log file this informatio=
n:
> > >
> > > 2006-07-12 09:00:36 -0400 - slapconfig -sso_util
> > > 2006-07-12 09:00:36 -0400 - command: /usr/sbin/sso_util configure -r
> > > MY_KERBOROS_REALM -a KDC_ADM_LOGIN -p **** -v 1 all
> > > 2006-07-12 09:00:38 -0400 - sso_util command output:
> > > Contacting the directory server
> > > Creating the service list
> > > Creating the service principals
> > > kadmin: Database error! Required KADM5 principal missing while
> > > initializing kadmin interface
> >
> > This looks as if the principal kadmin/admin at MY_KERBOROS_REALM is missin=
g=2E
> >
> > > kadmin: Database error! Required KADM5 principal missing while
> > > initializing kadmin interface
> > > kadmin: Database error! Required KADM5 principal missing while
> > > initializing kadmin interface
> > > kadmin: Database error! Required KADM5 principal missing while
> > > initializing kadmin interface
> > > kadmin: Database error! Required KADM5 principal missing while
> > > initializing kadmin interface
> > > kadmin: Database error! Required KADM5 principal missing while
> > > initializing kadmin interface
> > > kadmin: Database error! Required KADM5 principal missing while
> > > initializing kadmin interface
> > > kadmin: Database error! Required KADM5 principal missing while
> > > initializing kadmin interface
> > > kadmin: Database error! Required KADM5 principal missing while
> > > initializing kadmin interface
> > > kadmin: Database error! Required KADM5 principal missing while
> > > initializing kadmin interface
> > > kadmin: Database error! Required KADM5 principal missing while
> > > initializing kadmin interface
> > > kadmin: Database error! Required KADM5 principal missing while
> > > initializing kadmin interface
> > > 2006-07-12 09:00:38 -0400 - sso_util command failed with status 2
> > >
> > > Anybody have clues on that?
> >
> > Best regards
> >
> > Yvan Michaud
> > System Administrator
> > University of Sherbrooke
> >
> >
> > --
> > Richard Silverman
> > res at qoxp.net
>
> Richard,
>
> Thank for that fast response. I'm kind of newbie with Kerberos. I check
> on the MIT web site to have a definition of principal but it still not
> clear to me. Here, the output of the kadmin get_principal command:
>
> OSX_server:~ admin_login$ kadmin get_principal
> Authenticating as principal admin/admin at MY_KERBEROS_REALM with
> password.
> kadmin: Client not found in Kerberos database while initializing kadmin
> interface
>
> Could you tell me more on the clue you gave to me (This looks as if the
> principal kadmin/admin at MY_KERBOROS_REALM is missing.)?
>
> Regards
>
> Yvan Michaud
> System Administrator
> University of Sherbrooke
I finally solve my problem. In Directory Acces, make sure you see your
AD setup in the Authentification tag and then custom path and save that
config.
Hope that could help other.
Yvan Michaud
System Administrator
University of Sherbrooke
More information about the Kerberos
mailing list