Alok Gore wrote:
I don't like realms that aren't upper case fully qualified domainsure
names (fqdns). Your is upper case but not a fqdn. I can't say for
when I was leading the SEAM team at Sun that this was ever attempted.
Wyllys might know if this works.
I'll try with the fqdn as the realm name.
It doesn't matter. The realm name can be different from the FQDN.
[EMAIL PROTECTED] (Mike Eisler) wrote in message
The other thing is that you are showing the klist output on the
NFS server. We need to klist output for the client.
(nfs-alok.blr.novell.com).
kinit'ing to root/<client name> on the NFS server is of no use.
Looks like there has been a misunderstanding. I gave the setting both
on client and server. I am having the keytab containing the
nfs-serverice's principal *both* on client and server (I know that
SEAM Docs do not mandate this keytab on the client machine, but there
is harm either). I have done kinit on server for root/server-hostname
Yes, it could actually cause a problem. Each time you 'ktadd' a key to the keytab, the key is updated in the server's database. If you add the same key to the client and the server, the first one you wrote will become invalid because the key has been changed when you wrote it on the 2nd one.
Only store the server key in the server's keytab.
-Wyllys
________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
