hi,how can i add a client to KDS? kadmin: Incorrect password while initializing kadmin interface

[ch huang]

hi,maillist:
           i do the following action but seems not work

# yum install krb5-workstation
copy krb5.conf from KDS host

and here is my krb5.conf content

[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log
[libdefaults]
 default_realm = EXAMPLE.COM
 dns_lookup_realm = false
 dns_lookup_kdc = false
 ticket_lifetime = 24h
 forwardable = yes
[realms]
 BENCHMARK.COM = {
  kdc = kerberos.benchmark.com:88
  admin_server = kerberos.benchmark.com:749
  default_domain = benchmark.com
 }
[domain_realm]
 .benchmark.com = BENCHMARK.COM
 benchmark.com = BENCHMARK.COM
[appdefaults]
 pam = {
   debug = false
   ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
   krb4_convert = false
 }
also, client can find KDS

# nslookup 192.168.10.124
Server:         192.168.10.124
Address:        192.168.10.124#53
124.10.168.192.in-addr.arpa     name = kerberos.benchmark.com.
# ping kerberos.benchmark.com
PING kerberos.benchmark.com (192.168.10.124) 56(84) bytes of data.
64 bytes from CH124 (192.168.10.124): icmp_seq=1 ttl=64 time=0.109 ms
64 bytes from CH124 (192.168.10.124): icmp_seq=2 ttl=64 time=0.166 ms

when i do this from client ,it not work

# kadmin -r BENCHMARK.COM -p host/monitor.benchmark.com at BENCHMARK.COM -w
root -q "ktadd  -k /etc/krb5.keytab host/monitor.benchmark.com at BENCHMARK.COM
"
Authenticating as principal host/monitor.benchmark.com at BENCHMARK.COM with
password.
kadmin: Incorrect password while initializing kadmin interface
but i can do on KDS with same password,i do not know why? anyone can help?

# kadmin -r BENCHMARK.COM
Authenticating as principal root/admin at BENCHMARK.COM with password.
Password for root/admin at BENCHMARK.COM:
kadmin: