Kerberos auth based on ticket

Rowley, Mathew Mathew_Rowley at
Tue Dec 16 08:39:37 EST 2008

The hostname includes 'ipa' in it, but IPA is not installed. Sorry for any confusion - it was a box that did, and out of pure laziness, was never re-named. 



----- Original Message -----
From: Simo Sorce <ssorce at>
To: Rowley, Mathew
Cc: kerberos at <kerberos at>
Sent: Tue Dec 16 08:36:07 2008
Subject: Re: Kerberos auth based on ticket

On Tue, 2008-12-16 at 04:48 -0700, Mathew Rowley wrote:
> Looks like my problem is ‘Server not found in Kerberos database’.  So I am
> assuming that I need the server in the kerberos database as well as the
> user... Is that done just like adding a principal?
> Sorry, very new to this.

Matthwew, yes, as the (or the Red Hat docs) say you have to
create a principal for the target machine and obtain a keytab for it.

The 2 commands to use here are: ipa-addservice and ipa-getkeytab,
given these are custom commands that work only in an ipa context I
suggest you jump on the freeipa-users mailing list if you like.


Simo Sorce * Red Hat, Inc * New York

More information about the Kerberos mailing list