Kerberos credential cache file generation issue.

Reddy Reddy reddytheman at gmail.com
Mon Oct 25 17:15:25 EDT 2010


Hi Vipin,

The issue is resolved by using the command : kinit -k <SPN> -c
FILE:/var/krb5/security/creds/krb5cc_<user_id>.The ticket will then be
routed to the file specified for the -c parameter. By using the above
command I'm able to generate the Ticket-Granting-Ticket in the repective
location i.e,/var/krb5/security/creds/krb5cc_[UID]. But when execute the
command klist then it showing the error message like Cendential cache file :
homesid/sidadm is not available. Can you please let me know which is
creating the problem here. Actually, I have given the sidadm group & 755
permission to the Keytab file & krb5.conf file so that sidadm user id is
able to access the kerberos file.

Kindly,look in to the issue and suggest the solution...

OS : AIX 6.1
MIT Kerberos 5 version

Thanks & Regards,
Reddy.


On Fri, Oct 22, 2010 at 8:41 PM, Vipin Rathor <v.rathor at gmail.com> wrote:

> Try doing kinit with full path i.e. /usr/krb5/bin/kinit <args>.. This
> way u should get CC file in desired path.
>
> If that doesn't work , try exporting KRB5CCNAME environment variable like
> this:
> export KRB5CCNAME=FILE:/var/krb5/security/creds/krb5cc_[UID]
>
> btw, which Kerberos distro you are using on AIX? (MIT or IBM)
>
> --
> -Rathor
>
> On Fri, Oct 22, 2010 at 8:09 PM, Reddy Reddy <reddytheman at gmail.com>
> wrote:
> > Hi Experts,
> >
> > Kindly,help me regarding the Kerberos SSO configuration activity which
> I'm
> > facing the issue with the Kerberos Ticket-Granting-Ticket in the AIX
> > systems.
> >
> > Actually, I have logged in to the User ID: SIDADM and execute the command
> > kinit -k* -t SAPService<SID>.keytab SAPService<SID>/<my.org>@<MY.ORG>
> *in
> > the AIX system and credential cache file generated in the /homesid/sidadm
> > directory. But as per the Kerberos guide the cache file has to save in
> the
> > /var/krb5/security/creds/krb5cc_<userid> directory. Kindly, suggest how
> to
> > change the directory path to /var/krb5/security/creds/krb5cc_<userid>.
> >
> > Kindly, suggest & provide the solution to the above stated issue.
> >
> > Thanks & Regards,
> > Reddy.
> > ________________________________________________
> > Kerberos mailing list           Kerberos at mit.edu
> > https://mailman.mit.edu/mailman/listinfo/kerberos
> >
>



More information about the Kerberos mailing list