unable to get default realm for solaris 10

Andrea Cirulli acirulli at gmail.com
Wed Dec 30 13:30:12 EST 2009


Hi,

in what path is your krb5.conf, to be sure that all solaris and mit tools are reading the same configuration file do this:

ln -s /etc/krb5.conf /etc/krb5/krb5.conf

If even this link does not fix your problem, do this:

truss /usr/local/sbin/kadmin.local > /tmp/kadmin.local.log 2>&1

and then in the output seek where the kadmin.local is looking for the configuration file you will find some errors like ENOENT

Let me know.

Bye,
Andrea

Il giorno 30/dic/2009, alle ore 18.02, kerberos-request at mit.edu ha scritto:

> Message: 6
> Date: Wed, 30 Dec 2009 20:09:36 +0530
> From: "Mohammad, Meraj" <Meraj.Mohammad at atosorigin.com>
> Subject: unable to get default realm for solaris 10
> To: <kerberos at mit.edu>
> Message-ID:
> 	<E1655CE653CA75409D37304B98E1A9C701291C96 at invkx001.in.atosorigin.com>
> Content-Type: text/plain;	charset="us-ascii"
> 
> i'm trying to setup Kerberos(krb5-1.7)with Solaris 10. While
> installation I am getting following error. While running  kadmin.local
> 
> /usr/local/sbin/kadmin.local
> kadmin.local: unable to get default realm
> 
> Following is the my configuration file
> 
> 
> Krb5.cof
> 
> [libdefaults]
> 
>        default_realm = EUR.SLB.COM
> 
> 
> 
> [realms]
> 
>        EUR.SLB.COM = {
> 
>                kdc = nl0107dom11.eur.slb.com
> 
>                admin_server = nl0107dom11.eur.slb.com
> 
>        }
> 
>        NAM.SLB.COM = {
> 
>                kdc = nl0107dom12.nam.slb.com
> 
>                admin_server = nl0107dom12.nam.slb.com
> 
>        }
> 
>        LAM.SLB.COM = {
> 
>                kdc = nl0107dom13.lam.slb.com
> 
>                admin_server = nl0107dom13.lam.slb.com
> 
>        }
> 
>        AFR.SLB.COM = {
> 
>                kdc = nl0107dom14.afr.slb.com
> 
>                admin_server = nl0107dom14.afr.slb.com
> 
>        }
> 
>        MEA.SLB.COM = {
> 
>                kdc = nl0107dom15.mea.slb.com
> 
>                admin_server = nl0107dom15.mea.slb.com
> 
>        }
> 
>        FEA.SLB.COM = {
> 
>                kdc = nl0107dom16.fea.slb.com
> 
>                admin_server = nl0107dom16.fea.slb.com
> 
>        }
> 
>        INT.SLB.COM = {
> 
>                kdc = nl0107dom17.int.slb.com
> 
>                admin_server = nl0107dom17.int.slb.com
> 
>        }
> 
>        SLB.COM = {
> 
>                kdc = nl0107dom18.slb.com
> 
>                admin_server = nl0107dom18.slb.com
> 
>        }
> 
> [domain_realm]
> 
> 
> 
> Kdc.cof
> 
> [kdcdefaults]
> 
>   kdc_ports = 88
> 
> 
> 
> [realms]
> 
>   EUR.SLB.COM = {
> 
>      kadmind_port = 749
> 
>      max_life = 10h 0m 0s
> 
>      max_renewable_life = 7d 0h 0m 0s
> 
>      default_principal_flags = +preauth,+forwardable,-postdateable
> 
>      master_key_type = des-cbc-crc
> 
>      supported_enctypes = des-cbc-crc:normal
> 
>      acl_file = /etc/krb5/kadm5.acl 
> 
> }
> 
> [logging]
> 
>         kdc = FILE:/var/log/krb5kdc.log
> 
>         admin_server = FILE:/var/log/kadmin.log
> 
>         default = FILE:/var/log/krb5lib.log
> 
> 
> 
> kadm5.acl
> 
> */admin at EUR.SLB.COM  *
> 
> DKumar7 at EUR.SLB.COM  ADMCIL
> 
> */*@EUR.SLB.COM ADMCIL
> 
> 
> 
> 




More information about the Kerberos mailing list