Streamlining host principal keytab provisioning?
Russ Allbery
rra at stanford.edu
Tue May 8 03:16:23 EDT 2012
Sebastian Galiano <Sebastian.Galiano at spilgames.com> writes:
> Ok, I missunderstood with the KEYTAB_PRINCIPAL parameter, now I've
> changed for user at REALM which is the principal I gave permissions to.
It needs to be the principal for which you created a keytab that's stored
wherever $KEYTAB_FILE is pointing to.
> Just in case i renewed the ticket of user at realm and then:
> $wallet create keytab nfs/host.domain.org
> wallet: keytab object implementation not configured
Okay, you're back to remctl working again.
if (not $Wallet::Config::KEYTAB_KRBTYPE) {
die "keytab object implementation not configured\n";
unless (defined ($Wallet::Config::KEYTAB_PRINCIPAL)
and defined ($Wallet::Config::KEYTAB_FILE)
and defined ($Wallet::Config::KEYTAB_REALM)) {
die "keytab object implementation not configured\n";
One of those variables isn't actually set or isn't being loaded or
something.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the Kerberos
mailing list