This is a discussion on Solaris 8 and mit kdc - Kerberos ; Thank you for your emails. I have been out of the office. I will try the advices as soon as I get back. Thank you, M. fsoliv wrote: > Before typing this command I do kinit -f username. > > ...
Thank you for your emails.
I have been out of the office.
I will try the advices as soon as I get back.
> Before typing this command I do kinit -f username.
> Also, i can't find a field in seam's krb5.conf file to configure the
> location of the keytabs. I have placed the krb5.keytab extracted
> from a linux machine into /etc/krb5/.
That is correct. The keytab on Solaris is /etc/krb5/krb5.keytab
On the Solaris box (as root), run "klist -ke" - this should show
you the contents of the keytab file. It *should* contain
a DES key for "host/foo.bar.com at YOUR.REALM" (Solaris 8).
Also, look in the KDC log files to see if the either the client
or the server is requesting keys for things the KDC does
not know about.
Kerberos is very sensitive to naming issues - we like to recommend
that you always use fully qualified hostnames for your host
based service principals and make sure that your naming
service returns f.q.d.n names for reverse address lookups.
What naming service are you using to resolve hostnames
(DNS, NIS, or just flat files like /etc/hosts) ?
Express yourself instantly with MSN Messenger! Download today - it's FREE!
Kerberos mailing list Kerberos@mit.edu