This is a discussion on Re: Starting the kadmin daemon proccess on ubuntu - Kerberos ; Actually its OK, I'm sorry i fixed both solutions myself just wanted to let everyone know as to not waste your time. The first problem was the kadmind deamon wasn't running. After re-reading the MIT install guide carefully i read ...
Actually its OK, I'm sorry i fixed both solutions myself just wanted to
let everyone know as to not waste your time.
The first problem was the kadmind deamon wasn't running. After
re-reading the MIT install guide carefully i read that this needs to be
running so i ran kadmind then i could run kadmin fine.
The second problem of the log file not being written to was the section
kdc = FILE:/krb5/var/logs/kdc.log
admin_server = FILE:/krb5/var/logs/adm.log
default = FILE:/krb5/var/logs/log.log
I moved to the bottom of the config file (it was near the top) after
moving it to the bottom of the conf file kerberos now logs fine.
I still assume thought that not having a slave KDC wont effect kerberos
Its crazy i know not having a slave KDC as a backup but there you go.
On Tue, 2007-11-20 at 15:39, Anthony McGovern wrote:
> Good Afternoon
> I was hoping someone could help me with a little problem
> im having with Kerberos. I've been following the admin and install
> guides on the MIT website and I'm now at the point where i have to start
> the deamon processes krb5kdc and kadmin. Everything up to this point has
> worked fine. I can start the krb5kdc proccess without any problems:
> tssgtestbox@tssgtestbox:/krb5/sbin$ sudo krb5kdc
> tssgtestbox@tssgtestbox:/krb5/sbin$ ps -ef | grep krb
> root 4943 1 0 15:31 ? 00:00:00 ./krb5kdc
> 1000 4945 4830 0 15:31 pts/0 00:00:00 grep krb
> However when i try to start the kadmin process i get the following error
> tssgtestbox@tssgtestbox:/krb5/sbin$ sudo kadmin
> Authenticating as principal root/admin@KERBEROS.MYDOMAIN.COM with
> kadmin: Incorrect password while initializing kadmin interface
> I have created the kadm5.acl file its only got 2 lines at the moment as
> im only testing before i add more to it
> root/admin@KERBEROS.MYDOMAIN.COM *
> */*@KERBEROS.MYDOMAIN.COM *
> and i can run the kadmin.local command fine. I have added
> root/admin@KERBEROS.MYDOMAIN.COM into the kerberos database using the
> kadmin.local but every time i try to run kadmin i get the above error.
> Also its worth noting that i only have 1 KDC. I was only able to obtain
> i system for this so i cant setup a slave KDC. I only have a master
> running I'm hoping thats not the problem.
> Another unusual thing I've noticed but its not that important yet is
> that Kerberos isn't writing to my log files. These are the lines from my
> krb5.conf file in my /etc directory
> kdc = FILE:/krb5/var/logs/kdc.log
> admin_server = FILE:/krb5/var/logs/adm.log
> default = FILE:/krb5/var/logs/log.log
> I have made sure the .log files exist and are in the directory specified
> above. But if i could get the kadmin issue sorted first id be really
> Kind Regards
> Anthony McGovern