Mark Phalan Mark.Phalan at Sun.COM
Thu Mar 20 11:48:25 EDT 2008

On Thu, 2008-03-20 at 11:26 -0400, Tom Yu wrote:
> Mark Phalan <Mark.Phalan at Sun.COM> writes:
> > It might be nice to remove the necessity to configure a keytab for
> > kadmind (kadm5.keytab). The key data that kadmind needs could be taken
> > directly from the kerberos db. Doing it that way would simplify
> > administration/setup and remove a whole class of potential configuration
> > problems (kadm5.keytab missing principals, containing old principals,
> > wrong path to kadm5.keytab specified etc.)
> This was already done in a prior release.  I don't remember which
> release introduced it.  Some of the documentation may still refer to
> kadm5.keytab, though.

Ah, interesting. We don't have it in Solaris yet though. I'm doing a
resync at the moment so I'll take a look at that when I get to kadmind.

Thanks for the info,


More information about the krbdev mailing list