kprop between master (mandriva) and slave (solaris)
Marcin N
nichu at CUT.onet.pl
Tue Apr 29 10:55:47 EDT 2008
Hello
I'm trying to make krb database replication again (this time mandriva is
master and solaris is slave)
I patched kprop on master (mandriva) - by the way thank You for patch
one more time but while trying to execute kprop i get error message:
/usr/local/sbin/kprop -n kiprop at KRB.COM -f /home/nichu/dump.krb5
slave.krb.com
/usr/local/sbin/kprop: Cannot resolve network address for KDC in
requested realm while getting initial ticket
DNS is not an issue - because:
host slave.krb.com
slave.krb.com has address 192.168.0.50
in log there's nothing about that :/
file kdc.conf:
[kdcdefaults]
kdc_ports = 88,750
[realms]
KRB.COM = {
profile = /etc/krb5.conf
database_name = /usr/local/var/krb5kdc/principal
admin_database_name =
/usr/local/var/krb5kdc/principal.kadm5
admin_database_lockfile =
/usr/local/var/krb5kdc/principal.kadm.lock
admin_keytab = FILE:/etc/kerberos/krb5kdc/kadm5.keytab
acl_file = /etc/kerberos/krb5kdc/kadm5.acl
key_stash_file = /etc/kerberos/krb5kdc/.k5stash
kadmind_port = 749
max_life = 8h 0m 0s
max_renewable_life = 7d 0h 0m 0s
default_principal_flags = +preauth
}
=============================
file /etc/krb.conf
[libdefaults]
default_realm = KRB.COM
[realms]
KRB.COM = {
admin_server = master.krb.com
kdc = master.krb.com
kdc = slave.krb.com
master_kdc = master.krb.com
}
[domain_realm]
.krb.com = KRB.COM
krb.com = KRB.COM
[logging]
default = FILE:/var/log/kerberos/krb5libs.log
kdc = FILE:/var/log/kerberos/krb5kdc.log
admin_server = FILE:/var/log/kerberos/kadmind.log
[kdc]
profile = /etc/kerberos/krb5kdc/kdc.conf
==============================
Principals of course exists:
kadmin.local: listprincs
K/M at KRB.COM
host/slave.krb.com at KRB.COM
host/master.krb.com at KRB.COM
kadmin/admin at KRB.COM
kadmin/changepw at KRB.COM
kadmin/history at KRB.COM
kadmin/master.krb.com at KRB.COM
krbtgt/KRB.COM at KRB.COM
nichu/admin at KRB.COM
nichu at KRB.COM
So what's wrong ? ? ?
Regards
nichu
More information about the Kerberos
mailing list