Solaris 8 and mit kdc

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Solaris 8 and mit kdc

Manel Euro
Thank you for your emails.

I have been out of the office.
I will try the advices as soon as I get back.
Thank you,

fsoliv wrote:

>  Before typing this command I do kinit -f username.
>  Also, i can't find a field in seam's krb5.conf file to configure the
>  location of the keytabs. I have placed the krb5.keytab extracted
>  from a linux machine into /etc/krb5/.

That is correct.   The keytab on Solaris is /etc/krb5/krb5.keytab

On the Solaris box (as root), run "klist -ke" - this should show
you the contents of the keytab file.  It *should* contain
a DES key for "host/ at YOUR.REALM" (Solaris 8).

Also, look in the KDC log files to see if the either the client
or the server is requesting keys for things the KDC does
not know about.

Kerberos is very sensitive to naming issues - we like to recommend
that you always use fully qualified hostnames for your host
based service principals and make sure that your naming
service returns f.q.d.n names for reverse address lookups.

What naming service are you using to resolve hostnames
(DNS, NIS, or just flat files like /etc/hosts) ?


Express yourself instantly with MSN Messenger! Download today - it's FREE!

Kerberos mailing list           [hidden email]