> It's attempting to verify the credentials against a host keytab and can't
> find the Kerberos realm for the host. You can probably fix this by adding
> an appropriate mapping to the [domain_realm] section of your krb5.conf.
>
>
The domain_realm section of my krb5.conf looks like this:
[domain_realm]
.ad.engr.uconn.edu = AD.ENGR.UCONN.EDU
ad.engr.uconn.edu = AD.ENGR.UCONN.EDU
AD.ENGR.UCONN.EDU should be my kerberos realm.
Perhaps the fact that I have a different domain (for NIS) in
/etc/domainname creates a problem?
> It's not necessary. The default behavior is to skip the check if you have
> no krb5.keytab file or if it contains no usable keys. However, the
> authentication will fail if it can't get even that far due to some other
> more basic problem, such as not being able to figure out the realm of the
> host.
>
That's good. I am not sure why it cannot figure out the realm though.
In fact, if I just
type "kinit username" it prompts me for the password for
"[EMAIL PROTECTED]"
Perhaps it would be worthwhile to try identical steps in Debian Sarge?
(I'm not really sure how stable Ubuntu is, but I like that all my
hardware works in it with no fighting!)
Rohit
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
