Anonymous kerberos and bootstrapping new hosts - how to?
Russ Allbery
rra at stanford.edu
Fri Sep 6 20:42:23 EDT 2013
James Croall <jcroall at coverity.com> writes:
> Thanks for the suggestion! Unfortunately that's not the problem - I gave
> that a try, and it's not even communicating with the KDC. There are zero
> packets being sent to the server, and per the error message:
> Authenticating as principal WELLKNOWN/ANONYMOUS at WELLKNOWN:ANONYMOUS with
> password; anonymous requested.
> kadmin: Cannot resolve network address for KDC in requested realm while
> initializing kadmin interface <==
Try also explicitly specifying the realm with -r, and possibly also the
host with -a. By default, it's probably trying to contact an admin server
with the same realm as the client authentication principal.
> Puzzled. Wondering if I'm going about this anonymous flow the right way
> at all!
It wouldn't surprise me if you're the first, or at least one of the first,
people to ever attempt to do this.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the Kerberos
mailing list