Well, here i am again. I was expecting that the granted ticket always hold the address to which it is valid. After obtaining a ticket by means of kinit, i got the following:
$ kinit [EMAIL PROTECTED]'s Password: $ klist -v Credentials cache: FILE:/tmp/krb5cc_1000 Principal: [EMAIL PROTECTED] Cache version: 4 Server: krbtgt/[EMAIL PROTECTED] Ticket etype: des3-cbc-sha1, kvno 1 Auth time: Jul 15 23:11:42 2006 End time: Jul 16 03:11:42 2006 Renew till: Aug 14 23:11:42 2006 Ticket flags: renewable, initial Addresses: The address information line is empty. I don't understand why! Here you have my krb5.conf: [appdefaults] forwardable = no proxiable = no # no-addresses = no ticket_lifetime = 14400 renew_lifetime = 3600 # encrypt = # forward = [libdefaults] default_realm = SSO.NET clockskew = 300 kdc_timeout = 4 # v4_name_convert # v4_instance_resolve # capath = { } # default_etypes = arcfour-hmac-md5 # default_etypes_des = des-cbc-crc default_keytab_name = FILE:/etc/kerberosV/krb5.keytab dns_lookup_kdc = yes dns_lookup_realm = no kdc_timesync = yes # max_retries = 4 ticket_lifetime = 14400 # renew_lifetime = 3600 forwardable = no # proxiable = yes verify_ap_req_nofail = yes # warn_pwexpire = 86400 # http_proxy = # dns_proxy = # extra_addresses = # time_format = # date_format = log_utc = yes scan_interfaces = no # fcache_version = # krb4_get_tickets = no # fcc-mit-ticketflags = yes [domain_realm] .my.domain = SSO.NET [realms] SSO.NET = { kdc = etosha.my.domain admin_server = etosha.my.domain kpasswd_server = etosha.my.domain # krb524_server = # v4_instance_convert # v4_name_convert # default_domain # tgs_require_subkey } #[capaths] # CLIENT-REALM = { # SERVER-REALM = hop-realm # } [logging] kadmind = FILE:/var/heimdal/kadmind.log kdc = STDERR default = STDERR [kdc] database = { # dbname = realm = SSO.NET # mkey_file = # acl_file = # log_file = } max-request = 1024 # require-preauth = yes # ports = addresses = 10.0.0.2 enable-kerberos4 = no # v4-realm = SSO.NET enable-524 = no enable-http = no enable-kaserver = no # check-ticket-addresses = yes # allow-null-ticket-addresses = no allow-anonymous = no # enable_as_rep_as_tgs_rep = no kdc_warn_pwexpire = 86400 # logging = # use_2b = [kadmin] # require-preauth = yes default_keys = v5 use_v4_salt = no