Hi Kerberos experts, could anyone help me in addressing this issue since I am a T-O-T-A-L newbie in Kerberos.
I have to retrieve kerberos credential in Solaris 5.8 (SEAM 1.0.1) using a windows2003 Active Directory as KDC, and I am compelled to use the credential of a user different from Solaris' user. Let's say I work with user appadm on Solaris and user [EMAIL PROTECTED] in AD. AD administrator generated a keytab for my Solaris user in this way: Ktpass -princ kerberos/[EMAIL PROTECTED] -mapuser domuser -pass [passwd of domuser] -out domuser.keytab and gave me the domuser.keytab file. I configured krb5.conf and stored the content of this keytab file in /etc/krb5/krb5.keytab via ktutil: ktutil: rkt domuser.keytab ktutil: l slot KVNO Principal ---- ---- -------------------------------------------------------------------------- 1 4 kerberos/[EMAIL PROTECTED] ktutil: wkt /etc/krb5/krb5.keytab ktutil: q Now I think my krb5.conf is correct since I am able to get a TGT via kinit in this way: kinit kerberos/[EMAIL PROTECTED] then I enter domuser's password and with klist I can see the TGT. But I need to obtain the credentials without entering a password since the kinit command has to be put in the startup script of an application. So I tried this: appadm 99% kinit -k kerberos/[EMAIL PROTECTED] kinit: Key table entry not found while getting initial credentials :-S ...nothing useful found till now to explain this... what's wrong? Any help appreciated. Thanks in advance! :D Sandro ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
