On Tuesday, December 07, 2004 16:26:39 -0600 David A Flores <[EMAIL PROTECTED]> wrote:
Help anyone, We are using a Windows domain controller as a KDC and we are trying to authenticate a Solaris 9.0 OS box using Kerberos. The following is the command we use to create the keytab file:
ktpass -princ host/[EMAIL PROTECTED] -mapuser dean19 -pass * -out c:\dean19.keytab
Once we create the keytab file we send it to the sever via ssh. Attached are the pam.conf file and the krb5.conf that we configured. One the computer called dean19 we ran the ktutil
rkt /etc/krb5/dean.keytab wkt /etc/krb5/krb5.keytab
Why are you doing this, instead of just renaming the file?
After the rkt and the wkt commands we do a list and it shows a "slot KVNO Principal"
You haven't quoted the whole output, so I can't be sure, but I think what you are describing here is the output you get when there are _no_ keys in the keytab -- the text you quoted is the column headers.
But when we try to login to the box we get the following error.
Dec 7 16:27:38 dean19 login: [ID 537602 auth.error] PAM-KRB5 (auth): krb5_verify_init_creds failed: Key table entry not found
This is consistent with the key service key not being in the keytab.
-- Jeffrey T. Hutzelman (N3NHS) <[EMAIL PROTECTED]> Sr. Research Systems Programmer School of Computer Science - Research Computing Facility Carnegie Mellon University - Pittsburgh, PA
________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos