Re: mit kerberosv5 1.2.7 - kadmin wont connect - please help

Wed, 02 Apr 2003 19:54:39 -0800

Yes sorry, those are LDAP objectClasses. Prior to having the shadowAccount objectClass in my account I was getting the same "Secure RPC required" error that you mentioned. Where are you getting account info from? Local account? NIS?

--Matthew

--On Wednesday, April 02, 2003 10:55 PM -0500 Yan <[EMAIL PROTECTED]> wrote:

Are you talking about LDAP ?
It looks like it, I would really like to plug my MIT Kerberos KDC into
LDAP but it doesnt seem to support it so far. because I didnt
see the option when configuring it.

Here is the output of the principal Im am using for test :

kadmin:  getprinc yan/admin
Principal: yan/[EMAIL PROTECTED]
Expiration date: [never]
Last password change: Fri Mar 28 22:42:23 CST 2003
Password expiration date: [none]
Maximum ticket life: 0 days 10:00:00
Maximum renewable life: 7 days 00:00:00
Last modified: Fri Mar 28 22:42:23 CST 2003 (root/[EMAIL PROTECTED])
Last successful authentication: [never]
Last failed authentication: [never]
Failed password attempts: 0
Number of keys: 3
Key: vno 1, Triple DES cbc mode with HMAC/sha1, no salt
Key: vno 1, DES cbc mode with CRC-32, no salt
Key: vno 1, DES cbc mode with CRC-32, Version 4
Attributes:
Policy: [none]

How can I see these objectClass properties ?

Yan
---------------------------------
----- Original Message -----
From: "Matthew Mauzy" <[EMAIL PROTECTED]>
To: "Yan" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, April 02, 2003 10:37 PM
Subject: Re: mit kerberosv5 1.2.7 - kadmin wont connect - please help


What objectClasses do you have defined for the user accounts?  Make sure
that you have shadowAccount in there.  Here's what I have:

objectClass=person
objectClass=organizationalPerson
objectClass=inetOrgPerson
objectClass=posixAccount
objectClass=shadowAccount
objectClass=top
objectClass=krb5Principal

--Matthew
__________________________________________________________________
                        Matthew W. Mauzy
                      Systems Administrator
                      Applied Math @ UNC-CH
email : [EMAIL PROTECTED]           pager : [EMAIL PROTECTED]
 (W) 919.962.9819   www.amath.unc.edu/~mauzy/   (P) 919.347.0390
__________________________________________________________________


--On Wednesday, April 02, 2003 10:09 PM -0500 Yan
<[EMAIL PROTECTED]> wrote:

> I tried to authenticate my solaris8 box with the bundled
> PAM_Kerb5 module, and it doesnt work because
> Sun SEAM Kdc is working with a SecureRPC method
> different than the one MIT Kerberos use.
>
> Is there a way to authenticate my solaris clients
> with the MIT kerberos KDC ?
>
> Thank you,
> Yan
> --------------
>



__________________________________________________________________
                       Matthew W. Mauzy
                     Systems Administrator
                     Applied Math @ UNC-CH
email : [EMAIL PROTECTED]           pager : [EMAIL PROTECTED]
(W) 919.962.9819   www.amath.unc.edu/~mauzy/   (P) 919.347.0390
__________________________________________________________________
________________________________________________
Kerberos mailing list           [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos

Reply via email to