Can kinit but not kvno
John Gilbertson
jgilbert at liv.ac.uk
Thu Apr 17 07:38:27 EDT 2008
Hi, I'm trying to set up MIT Kerberos so that we can authenticate
against an Active Directory service (Windows Server 2003 I believe) and
most things seem to be working, I just can't get kvno to work or keytab
files (Probably because of the kvno issue)
Here's the config:
[libdefaults]
default_realm = LIVAD.LIV.AC.UK
[realms]
LIVAD.LIV.AC.UK = {
kdc = livad.liv.ac.uk:88
admin_server = livad.liv.ac.uk
}
[domain_realm]
.liv.ac.uk = LIVAD.LIV.AC.UK
liv.ac.uk = LIVAD.LIV.AC.UK
And here's the output from various commands:
./kinit jgilbert at LIVAD.LIV.AC.UK
Password for jgilbert at LIVAD.LIV.AC.UK:
./klist
Ticket cache: FILE:/tmp/krb5cc_48703
Default principal: jgilbert at LIVAD.LIV.AC.UK
Valid starting Expires Service principal
04/17/08 12:30:22 04/17/08 22:30:26 krbtgt/LIVAD.LIV.AC.UK at LIVAD.LIV.AC.UK
renew until 04/18/08 12:30:22
Kerberos 4 ticket cache: /tmp/tkt48703
klist: You have no tickets cached
./kvno jgilbert at LIVAD.LIV.AC.UK
kvno: Server not found in Kerberos database while getting credentials
for jgilbert at LIVAD.LIV.AC.UK
So as you can see everything seems to work fine, I just can't use kvno.
What things should I be looking at to try to fix this? Could it be a
setting on the AD end denying such requests?
--
John Gilbertson
More information about the Kerberos
mailing list