Starting the kadmin daemon proccess on ubuntu

Anthony McGovern amcgovern at tssg.org
Tue Nov 20 11:26:02 EST 2007


Actually its OK, I'm sorry i fixed both solutions myself just wanted to
let everyone know as to not waste your time. 

The first problem was the kadmind deamon wasn't running. After
re-reading the MIT install guide carefully i read that this needs to be
running so i ran kadmind then i could run kadmin fine. 

The second problem of the log file not being written to was the section
marked 

[logging] 
       kdc = FILE:/krb5/var/logs/kdc.log
       admin_server = FILE:/krb5/var/logs/adm.log
       default = FILE:/krb5/var/logs/log.log

I moved to the bottom of the config file (it was near the top) after
moving it to the bottom of the conf file kerberos now logs fine. 

I still assume thought that not having a slave KDC wont effect kerberos
Its crazy i know not having a slave KDC as a backup but there you go. 

Thanks anyway.
Anthony McGovern



On Tue, 2007-11-20 at 15:39, Anthony McGovern wrote:
> Good Afternoon
>                I was hoping someone could help me with a little problem
> im having with Kerberos. I've been following the admin and install
> guides on the MIT website and I'm now at the point where i have to start
> the deamon processes krb5kdc and kadmin. Everything up to this point has
> worked fine. I can start the krb5kdc proccess without any problems: 
> 
> tssgtestbox at tssgtestbox:/krb5/sbin$ sudo krb5kdc
> tssgtestbox at tssgtestbox:/krb5/sbin$
> tssgtestbox at tssgtestbox:/krb5/sbin$ ps -ef | grep krb
> root      4943     1  0 15:31 ?        00:00:00 ./krb5kdc
> 1000      4945  4830  0 15:31 pts/0    00:00:00 grep krb
> tssgtestbox at tssgtestbox:/krb5/sbin$
> 
> However when i try to start the kadmin process i get the following error
> 
> tssgtestbox at tssgtestbox:/krb5/sbin$ sudo kadmin
> Authenticating as principal root/admin at KERBEROS.MYDOMAIN.COM with
> password.
> kadmin: Incorrect password while initializing kadmin interface
> 
> I have created the kadm5.acl file its only got 2 lines at the moment as
> im only testing before i add more to it 
> 
> root/admin at KERBEROS.MYDOMAIN.COM *
> */*@KERBEROS.MYDOMAIN.COM *
> 
> 
> and i can run the kadmin.local command fine. I have added
> root/admin at KERBEROS.MYDOMAIN.COM into the kerberos database using the
> kadmin.local but every time i try to run kadmin i get the above error.
> Also its worth noting that i only have 1 KDC. I was only able to obtain
> i system for this so i cant setup a slave KDC. I only have a master
> running I'm hoping thats not the problem. 
> 
> 
> Another unusual thing I've noticed but its not that important yet is
> that Kerberos isn't writing to my log files. These are the lines from my
> krb5.conf file in my /etc directory 
> 
> [logging]
>         kdc = FILE:/krb5/var/logs/kdc.log
>         admin_server = FILE:/krb5/var/logs/adm.log
>         default = FILE:/krb5/var/logs/log.log
> 
> I have made sure the .log files exist and are in the directory specified
> above. But if i could get the kadmin issue sorted first id be really
> greatful. 
> 
> Kind Regards
> Anthony McGovern




More information about the Kerberos mailing list