Question about principal aliases

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Question about principal aliases

Lorenzo Marcantonio
I'm trying to make aliases work but somehow they don't. Surely I'm doing
something wrong...

I want to have the 'main' principal imap/ aliased as
imap/ for the obvious reason. So I did in kadmin

ank -r imap/
modify --alias="imap/" imap/

list -l confirms that the alias is there

now I extract the key in the keytab

ext_keytab -k /data/imap/krb5.keytab imap/

but a ktutil list *doesn't* show the aliases (an auth doesn't work)

Trying to regenerate/extract the key with ktutil get doesn't work
either, it says "ktutil: kadm5_create_principal(imap/
Principal does not exist"

Any hint or documentation on what's happening?

The 'obvious' solution would be to create the imap/ as a
standalone principal but I fear it will be a mess with

Thanks in advance

Lorenzo Marcantonio

signature.asc (465 bytes) Download Attachment