Regarding MIT KDC server setup

Baghel, Gaurav Gaurav.Baghel at netapp.com
Thu Oct 30 17:41:36 EDT 2014


Agree. 
But If I want to setup a new fresh KDC on new machine, could you please help me and share the steps that one should follow.



-Gaurav

-----Original Message-----
From: Benjamin Kaduk [mailto:kaduk at MIT.EDU] 
Sent: Friday, October 31, 2014 3:09 AM
To: Baghel, Gaurav
Cc: kerberos at mit.edu
Subject: Re: Regarding MIT KDC server setup

On Wed, 29 Oct 2014, Baghel, Gaurav wrote:

> Hi MIT Team,
>
> I am doing setup for MIT KDC on solaris machine. I searched a lot over internet, but couldn't find any appropriate doc for the KDC setup.
> Request you to please give me all the steps or link to setup MIT KDC 
> over solaris. Also on one of the KDC I am getting below error:-
>
> bash-3.00#
> bash-3.00# kadmin.local
> Authenticating as principal root/admin at SSQA.GDL.ENGLAB.NETAPP.COM with password.
> kadmin.local:
> kadmin.local:  list_principals
> get_principals: Database record is incomplete or corrupted while retrieving list.
> kadmin.local:
> kadmin.local:  add_principal -e "des-cbc-crc:normal 
> des-cbc-md5:normal" -randkey 
> nfs/f3170-29-203.gdl.englab.netapp.com at SSQA.GDL.ENGLAB.NETAPP.COM
> WARNING: no policy specified for 
> nfs/f3170-29-203.gdl.englab.netapp.com at SSQA.GDL.ENGLAB.NETAPP.COM; 
> defaulting to no policy Segmentation Fault (core dumped) bash-3.00#

That log is different than the transcript from the previous mail you sent to a different list.

It seems unlikely that anyone will be able to help without a complete understanding of what has happened to the system in question, Kerberos-wise, starting from kdb5_util create.

-Ben Kaduk



More information about the Kerberos mailing list