unable to get default realm for solaris 10
Mohammad, Meraj
Meraj.Mohammad at atosorigin.com
Thu Dec 31 01:20:58 EST 2009
Hi Andrea,
Thanks for your prompt reply. I have executed below command as
suggested by you but still I am getting same error. I have seen the log
file and found may error in log. Please see he attached log file. Please
let me help what is the wrong in my configuration.
ln -s /etc/krb5.conf /etc/krb5/krb5.conf
truss /usr/local/sbin/kadmin.local > /tmp/kadmin.local.log 2>&1
Regards
Meraj Alam
From: Andrea Cirulli [mailto:acirulli at gmail.com]
Sent: Thursday, December 31, 2009 12:00 AM
To: Mohammad, Meraj
Cc: kerberos at mit.edu
Subject: Re: unable to get default realm for solaris 10
Hi,
in what path is your krb5.conf, to be sure that all solaris and mit
tools are reading the same configuration file do this:
ln -s /etc/krb5.conf /etc/krb5/krb5.conf
If even this link does not fix your problem, do this:
truss /usr/local/sbin/kadmin.local > /tmp/kadmin.local.log 2>&1
and then in the output seek where the kadmin.local is looking for the
configuration file you will find some errors like ENOENT
Let me know.
Bye,
Andrea
Il giorno 30/dic/2009, alle ore 18.02, kerberos-request at mit.edu ha
scritto:
Message: 6
Date: Wed, 30 Dec 2009 20:09:36 +0530
From: "Mohammad, Meraj" <Meraj.Mohammad at atosorigin.com>
Subject: unable to get default realm for solaris 10
To: <kerberos at mit.edu>
Message-ID:
<
E1655CE653CA75409D37304B98E1A9C701291C96 at invkx001.in.atosorigin.com>
Content-Type: text/plain; charset="us-ascii"
i'm trying to setup Kerberos(krb5-1.7)with Solaris 10. While
installation I am getting following error. While running kadmin.local
/usr/local/sbin/kadmin.local
kadmin.local: unable to get default realm
Following is the my configuration file
Krb5.cof
[libdefaults]
default_realm = EUR.SLB.COM <http://EUR.SLB.COM/>
[realms]
EUR.SLB.COM <http://EUR.SLB.COM/> = {
kdc = nl0107dom11.eur.slb.com
<http://nl0107dom11.eur.slb.com/>
admin_server = nl0107dom11.eur.slb.com
<http://nl0107dom11.eur.slb.com/>
}
NAM.SLB.COM <http://NAM.SLB.COM/> = {
kdc = nl0107dom12.nam.slb.com
<http://nl0107dom12.nam.slb.com/>
admin_server = nl0107dom12.nam.slb.com
<http://nl0107dom12.nam.slb.com/>
}
LAM.SLB.COM <http://LAM.SLB.COM/> = {
kdc = nl0107dom13.lam.slb.com
<http://nl0107dom13.lam.slb.com/>
admin_server = nl0107dom13.lam.slb.com
<http://nl0107dom13.lam.slb.com/>
}
AFR.SLB.COM <http://AFR.SLB.COM/> = {
kdc = nl0107dom14.afr.slb.com
<http://nl0107dom14.afr.slb.com/>
admin_server = nl0107dom14.afr.slb.com
<http://nl0107dom14.afr.slb.com/>
}
MEA.SLB.COM <http://MEA.SLB.COM/> = {
kdc = nl0107dom15.mea.slb.com
<http://nl0107dom15.mea.slb.com/>
admin_server = nl0107dom15.mea.slb.com
<http://nl0107dom15.mea.slb.com/>
}
FEA.SLB.COM <http://FEA.SLB.COM/> = {
kdc = nl0107dom16.fea.slb.com
<http://nl0107dom16.fea.slb.com/>
admin_server = nl0107dom16.fea.slb.com
<http://nl0107dom16.fea.slb.com/>
}
INT.SLB.COM <http://INT.SLB.COM/> = {
kdc = nl0107dom17.int.slb.com
<http://nl0107dom17.int.slb.com/>
admin_server = nl0107dom17.int.slb.com
<http://nl0107dom17.int.slb.com/>
}
SLB.COM <http://SLB.COM/> = {
kdc = nl0107dom18.slb.com <http://nl0107dom18.slb.com/>
admin_server = nl0107dom18.slb.com
<http://nl0107dom18.slb.com/>
}
[domain_realm]
Kdc.cof
[kdcdefaults]
kdc_ports = 88
[realms]
EUR.SLB.COM <http://EUR.SLB.COM/> = {
kadmind_port = 749
max_life = 10h 0m 0s
max_renewable_life = 7d 0h 0m 0s
default_principal_flags = +preauth,+forwardable,-postdateable
master_key_type = des-cbc-crc
supported_enctypes = des-cbc-crc:normal
acl_file = /etc/krb5/kadm5.acl
}
[logging]
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmin.log
default = FILE:/var/log/krb5lib.log
kadm5.acl
*/admin at EUR.SLB.COM *
DKumar7 at EUR.SLB.COM ADMCIL
*/*@EUR.SLB.COM ADMCIL
More information about the Kerberos
mailing list