Regarding MIT KDC server setup
Baghel, Gaurav
Gaurav.Baghel at netapp.com
Thu Oct 30 17:41:36 EDT 2014
Agree.
But If I want to setup a new fresh KDC on new machine, could you please help me and share the steps that one should follow.
-Gaurav
-----Original Message-----
From: Benjamin Kaduk [mailto:kaduk at MIT.EDU]
Sent: Friday, October 31, 2014 3:09 AM
To: Baghel, Gaurav
Cc: kerberos at mit.edu
Subject: Re: Regarding MIT KDC server setup
On Wed, 29 Oct 2014, Baghel, Gaurav wrote:
> Hi MIT Team,
>
> I am doing setup for MIT KDC on solaris machine. I searched a lot over internet, but couldn't find any appropriate doc for the KDC setup.
> Request you to please give me all the steps or link to setup MIT KDC
> over solaris. Also on one of the KDC I am getting below error:-
>
> bash-3.00#
> bash-3.00# kadmin.local
> Authenticating as principal root/admin at SSQA.GDL.ENGLAB.NETAPP.COM with password.
> kadmin.local:
> kadmin.local: list_principals
> get_principals: Database record is incomplete or corrupted while retrieving list.
> kadmin.local:
> kadmin.local: add_principal -e "des-cbc-crc:normal
> des-cbc-md5:normal" -randkey
> nfs/f3170-29-203.gdl.englab.netapp.com at SSQA.GDL.ENGLAB.NETAPP.COM
> WARNING: no policy specified for
> nfs/f3170-29-203.gdl.englab.netapp.com at SSQA.GDL.ENGLAB.NETAPP.COM;
> defaulting to no policy Segmentation Fault (core dumped) bash-3.00#
That log is different than the transcript from the previous mail you sent to a different list.
It seems unlikely that anyone will be able to help without a complete understanding of what has happened to the system in question, Kerberos-wise, starting from kdb5_util create.
-Ben Kaduk
More information about the Kerberos
mailing list