KRB5 & Sun Solaris 9

Fri Apr 24 22:48:23 EDT 2009

That was a HUGE help! Thanks Will. What I learned was the kinit command
was launching the default Sun KRB program instead of the one I
installed. So, when I used the full path for the new kinit
(/usr/local/krb5-1.6.3/bin/kinit mcgranj at DS.VANDERBILT.EDU), it worked!
Thanks for the tip!

Jamen McGranahan

-----Original Message-----

On Fri, Apr 24, 2009 at 03:45:00PM -0500, McGranahan, Jamen wrote:
> * Yes, I can ping the kdc.

Try:

truss -o /tmp/truss.out -u:: kinit

which will show all the functions called and their return values (well,
if they have a non-void return value).  This may help pin down why kinit
is failing.

> * Doug: as for the IP address use, we found that for some reason, it
> worked better with the IP on the other 2 boxes we have this installed
&
> working. So, keeping the same settings, logic would suggest it should
> work here too.

Well, it really depends on your DNS configuration.  Does nslookup work
for the KDC hostname on the Solaris systems?  In general it should.  Use
of a IP address for the kdc usually indicates a distrust of the DNS
servers.

--> PS. Nslookup worked, by the way.

-- 
Will Fiveash
Sun Microsystems Inc.
http://opensolaris.org/os/project/kerberos/