Streamlining host principal keytab provisioning?

Russ Allbery rra at stanford.edu
Mon May 7 12:20:35 EDT 2012


Sebastian Galiano <Sebastian.Galiano at spilgames.com> writes:

> The USER at REALM was exactly the user I used to execute the command
> 'wallet-admin initialize USER at REALM'.

> After that I tried to create and object using :

>    wallet create keytab nfs/host.domain.org

> I keep on having an : wallet: Access denied and the remctl server says: 

> remctld: COMMAND from USER at REALM: wallet create keytab nfs/host.domain.org
> remctld: access denied: user  USER at REALM, command wallet create

Hm, okay, maybe I'm wrong and this is a remctl ACL problem.  What does
your remctl configuration say for the wallet command?

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>


More information about the Kerberos mailing list