Problems with kadmind, kpasswd and cross-realm authentication

Jeffrey Altman jaltman at secure-endpoints.com
Wed Sep 5 17:25:34 EDT 2007


Just to clarify.  Are you attempting to serve two realms
from the same KDC?

Anthony Brock wrote:
>
> # klist -k FILE:/etc/krb5kdc/kadm5.keytab | egrep
> 'STERLINGCGI.COM|SCGROUP.ORG'
>    3 kadmin/admin at SCGROUP.ORG
>    3 kadmin/admin at SCGROUP.ORG
>    3 kadmin/changepw at SCGROUP.ORG
>    3 kadmin/changepw at SCGROUP.ORG
>    3 kadmin/admin at STERLINGCGI.COM
>    3 kadmin/admin at STERLINGCGI.COM
>    3 kadmin/changepw at STERLINGCGI.COM
>    3 kadmin/changepw at STERLINGCGI.COM
>
> # kadmin -p brocka/admin
> Authenticating as principal brocka/admin with password.
> Password for brocka/admin at SCGROUP.ORG:
> kadmin:  listprincs */SCGROUP.ORG@*
> krbtgt/SCGROUP.ORG at SCGROUP.ORG
> krbtgt/SCGROUP.ORG at STERLINGCGI.COM
> kadmin:
>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3355 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20070905/8ca41baf/attachment.bin


More information about the Kerberos mailing list