krb5 RHEL 5.1 and NetworkManager
neelsmail@rediffmail.com
neelsmail at rediffmail.com
Tue May 13 08:23:41 EDT 2008
Hi,
I am _very_ new to kerberos AND Linux. But here is what I am trying to
do:
- I have Windows 2003 SP1 server which is acting as Domain Controller
(KDC I believe).
- I have Linux RHEL 5.1 which is trying to authenticate the added
service principal.
The problem: Every time I run the "kinit" command, like the one given
below, in the context of Active Directory user I have logged in as, it
pops up krb5-auth-dialog where I have to enter the credentials,
_everytime_.
Command: kinit /S host/AnotherXpHost.MyDomain.com -k -t /etc/
MyKeyTab.keytab ServicePrincipalName
What I observed is before I run "kinit" command, klist (just "klist"
without any argument), list that the current ticket avaiable is krbtgt/
MyDomain.com at MyDomain.com
When the above mentioned "kinit" command is completed and I run
"klist" it shows that, it is replaced with ticket for host/
AnotherXpHost.MyDomain.com at MyDomain.com
Now, the password authentication dialog (krb5-auth-dialog) shows up.
If I enter correct credentials now, and run klist, it again will
display that ticket available right now is for krbtgt/
MyDomain.com at MyDomain.com
Is it that the "kinit" I am running should _add_ instead of replacing
the ticket? or should I run "kinit" command with krbtgt _always_?
Thanks in advance,
Neel.
More information about the Kerberos
mailing list