Hi all - building my first kerberos realm and following the installation guide very closely (please bear with me).
I have a master and a slave kdc similar to daisy and use-the-force-luke in the tutorial. I reference them as kerberos and kerberos-1, respectively, throughout all the exercises. I've setup DNS to include the CNAME and SRV records as shown in the document. I have no reference to "daisy" or "use-the-force-luke" in krb5.conf, addprinc (host/kerberos.domain.org), ktadd (host/kerberos.domain.org), or the kpropd.acl (host/kerberos.domain.org). If I run from kadmin a listprincs command i get the proper host/[EMAIL PROTECTED] All of these references also have kerberos-1. I am able to perform a kdb5_util dump ok, but when I attempt a kprop -f to kerberos-1.domain.org, the error "Client not found in Kerberos database while getting initial ticket" appears. Looking at the krb5kdc.log file, I have a lot of CLIENT_NOT_FOUND: host/[EMAIL PROTECTED] for host/[EMAIL PROTECTED], Client not found in Kerberos database. In the krb5.conf I've changed dns_lookup_realm = true and dns_lookup_kdc = true, (both from false) but this doesn't solve the problem. Could someone please point me the right direction? Any help would be grealy appreciated - I'm almost there! Thanks, Jonathan ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
