Actually its OK, I'm sorry i fixed both solutions myself just wanted to
let everyone know as to not waste your time.

The first problem was the kadmind deamon wasn't running. After
re-reading the MIT install guide carefully i read that this needs to be
running so i ran kadmind then i could run kadmin fine.

The second problem of the log file not being written to was the section
marked

[logging]
kdc = FILE:/krb5/var/logs/kdc.log
admin_server = FILE:/krb5/var/logs/adm.log
default = FILE:/krb5/var/logs/log.log

I moved to the bottom of the config file (it was near the top) after
moving it to the bottom of the conf file kerberos now logs fine.

I still assume thought that not having a slave KDC wont effect kerberos
Its crazy i know not having a slave KDC as a backup but there you go.

Thanks anyway.
Anthony McGovern



On Tue, 2007-11-20 at 15:39, Anthony McGovern wrote:
> Good Afternoon
> I was hoping someone could help me with a little problem
> im having with Kerberos. I've been following the admin and install
> guides on the MIT website and I'm now at the point where i have to start
> the deamon processes krb5kdc and kadmin. Everything up to this point has
> worked fine. I can start the krb5kdc proccess without any problems:
>
> tssgtestbox@tssgtestbox:/krb5/sbin$ sudo krb5kdc
> tssgtestbox@tssgtestbox:/krb5/sbin$
> tssgtestbox@tssgtestbox:/krb5/sbin$ ps -ef | grep krb
> root 4943 1 0 15:31 ? 00:00:00 ./krb5kdc
> 1000 4945 4830 0 15:31 pts/0 00:00:00 grep krb
> tssgtestbox@tssgtestbox:/krb5/sbin$
>
> However when i try to start the kadmin process i get the following error
>
> tssgtestbox@tssgtestbox:/krb5/sbin$ sudo kadmin
> Authenticating as principal root/admin@KERBEROS.MYDOMAIN.COM with
> password.
> kadmin: Incorrect password while initializing kadmin interface
>
> I have created the kadm5.acl file its only got 2 lines at the moment as
> im only testing before i add more to it
>
> root/admin@KERBEROS.MYDOMAIN.COM *
> */*@KERBEROS.MYDOMAIN.COM *
>
>
> and i can run the kadmin.local command fine. I have added
> root/admin@KERBEROS.MYDOMAIN.COM into the kerberos database using the
> kadmin.local but every time i try to run kadmin i get the above error.
> Also its worth noting that i only have 1 KDC. I was only able to obtain
> i system for this so i cant setup a slave KDC. I only have a master
> running I'm hoping thats not the problem.
>
>
> Another unusual thing I've noticed but its not that important yet is
> that Kerberos isn't writing to my log files. These are the lines from my
> krb5.conf file in my /etc directory
>
> [logging]
> kdc = FILE:/krb5/var/logs/kdc.log
> admin_server = FILE:/krb5/var/logs/adm.log
> default = FILE:/krb5/var/logs/log.log
>
> I have made sure the .log files exist and are in the directory specified
> above. But if i could get the kadmin issue sorted first id be really
> greatful.
>
> Kind Regards
> Anthony McGovern