KRB5 & Sun Solaris 9
Will Fiveash
William.Fiveash at Sun.COM
Fri Apr 24 17:09:48 EDT 2009
On Fri, Apr 24, 2009 at 03:45:00PM -0500, McGranahan, Jamen wrote:
> * Yes, I can ping the kdc.
Try:
truss -o /tmp/truss.out -u:: kinit
which will show all the functions called and their return values (well,
if they have a non-void return value). This may help pin down why kinit
is failing.
> * Doug: as for the IP address use, we found that for some reason, it
> worked better with the IP on the other 2 boxes we have this installed &
> working. So, keeping the same settings, logic would suggest it should
> work here too.
Well, it really depends on your DNS configuration. Does nslookup work
for the KDC hostname on the Solaris systems? In general it should. Use
of a IP address for the kdc usually indicates a distrust of the DNS
servers.
> I've also tried changing the VANDERBILT.EDU realm with
> just an IP address for the KDC, but that gave me no change. As for why
> we have 2 realms, etc., this was all pre-configured and found to work on
> our other 2 Sun boxes. I really don't know the reasoning behind it.
> Sorry.
>
> Jamen McGranahan
> Systems Services Librarian
> Vanderbilt University
--
Will Fiveash
Sun Microsystems Inc.
http://opensolaris.org/os/project/kerberos/
More information about the Kerberos
mailing list