kadmin: error

Printable View

02-18-2008, 12:54 PM
unix

kadmin: error

Dear all,
I am a new bee to kerberos ,i am running client and kdc server on the
same machine .my short term aim is to get
a ticket from kdc succesfully...
I followed the steps below..
1) ./configure
make
make install
2) Edited file in /etc/krb5.conf and it goes like this
[libdefaults]
default_realm = GESL.COM
dns_lookup_realm = false
krb4_config = /usr/kerberos/lib/krb.conf
krb4_realms = /usr/kerberos/lib/krb.realms

[kdc]
profile = /usr/local/var/krb5kdc/kdc.conf

[realms]
GESL.COM = {
kdc = 172.16.8.70:88
admin_server = 172.16.8.70
default_domain = GESL.COM
v4_instance_convert = {
gesl = gesl.com
}
}

[domain_realm]
.gesl.com = GESL.COM
gesl.com = GESL.COM

[logging]
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmin.log
default = FILE:/var/log/krb5lib.log
3) edited file /usr/local/var/krb5kdc/kdc.conf it goes like this
[kdcdefaults]
kdc_ports = 750,88

[realms]
GESL.COM = {
profile = /etc/krb5.conf
database_name = /usr/local/var/krb5kdc/principal
admin_keytab = FILE:/usr/local/var/krb5kdc/kadm5.keytab
acl_file = /usr/local/var/krb5kdc/kadm5.acl
key_stash_file = /usr/local/var/krb5kdc/.k5.GESL.COM
kdc_ports = 750,88
max_life = 10h 0m 0s
max_renewable_life = 7d 0h 0m 0s
}
4) in /usr/local/var/krb5kdc/kadm5.acl
root/admin@GESL.COM *
5) I used kdb5_util create -r GESL.COM -s
gave password
6) kadminl.ocal: addprinc root/admin@GESL.COM
: quit
7) root@Naveen:~/krb5-1.6.3/src# kadmin
Authenticating as principal root/admin@GESL.COM with password.
Password for root/admin@GESL.COM:
kadmin: Incorrect password while initializing kadmin interface
8)root@Naveen:~/krb5-1.6.3/src# kinit
kinit(v5): Client not found in Kerberos database while getting initial
credentials

can any one please kindly help me out ...........

with & regards
naveen
02-22-2008, 06:14 PM
unix

Re: kadmin: error

Naveen BN wrote:
[color=blue]
> 7) root@Naveen:~/krb5-1.6.3/src# kadmin
> Authenticating as principal root/admin@GESL.COM with password.
> Password for root/admin@GESL.COM:
> kadmin: Incorrect password while initializing kadmin interface[/color]

From what you've said it appears you haven't set a password for your
root/admin principal - this isn't the same as your database password.
Fire up kadmin.local and set a pwd with 'cpw root/admin'.
[color=blue]
> 8)root@Naveen:~/krb5-1.6.3/src# kinit
> kinit(v5): Client not found in Kerberos database while getting initial
> credentials[/color]

Have you created a host principal and keytab? Just a thought...

Cheers,
Jamin
--
Jamin @ Home @ Chester UK
02-22-2008, 06:16 PM
unix

Re: kadmin: error

Naveen BN wrote:

<snip>

Are you using FreeBSD which has the Heimdal kadmin installed by default?
If you've installed the MIT krb5kdc port you'll need to use the correct
kadmin as the two don't get on, check /usr/local/sbin.

Cheers,
Jamin
--
Jamin @ Home @ Chester UK