[Perl-unix-users] Authen::Krb5

Wed, 24 Aug 2011 04:12:08 -0700 

Hi all,

I am trying to use Authen::Krb5 and have written a simple script for testing 
authentication against our Kerberos Server (see below). Unfortunately, I'm 
getting the error message "Server not found in Kerberos database". I think, it 
might have s.th. to do with an improper service principal returned by 
Krb5::sname_to_principal. The below script generates the following output:

---
app context: 1
user principal: schu...@informatik.uni-tuebingen.de
service principal: 
amoxicillin.informatik.uni-tuebingen...@informatik.uni-tuebingen.de
default credentials cache: /tmp/krb5cc_1000_zaZV64
kdc servers: KDC1.INFORMATIK.UNI-TUEBINGEN.DE

Unable to get Kerberos ticket: Server not found in Kerberos database
---

I had expected, that the service principal would be 
krbtgt/informatik.uni-tuebingen...@informatik.uni-tuebingen.de instead of the 
amoxicillin.informatik.uni-tuebingen...@informatik.uni-tuebingen.de above. Am I 
thinking wrong? What could I try to make it work?

------------
use strict;
use Authen::Krb5;

my $USERNAME='schulze';
my $PASSWORD='***';
my $SERVICE='krbtgt/INFORMATIK.UNI.TUEBINGEN.DE';
my $HOSTNAME='amoxicillin';

my $appcontext=Authen::Krb5::init_context();
defined $appcontext or die 'Fatal: Unable to establish Kerberos context\n';

my $userp=Authen::Krb5::parse_name($USERNAME);
my $servicep=Authen::Krb5::sname_to_principal($HOSTNAME, $SERVICE, 
KRB5_NT_SRV_HST);
my $credcache=Authen::Krb5::cc_default();

print "\napp context: ".$appcontext."\n";
print "user principal: ".$userp->data()."@".$userp->realm()."\n";
print "service principal: ".$servicep->data()."@".$servicep->realm()."\n";
print "default credentials cache: ".$credcache->get_name()."\n";
print "kdc servers: 
".Authen::Krb5::get_krbhst(Authen::Krb5::get_default_realm())."\n\n";

if (Authen::Krb5::get_in_tkt_with_password($userp, $servicep, $PASSWORD, 
$credcache)) {
  print "Success!!!\n";
}
else {
  print "Unable to get Kerberos ticket: ", Authen::Krb5::error(),"\n\n";
}

Authen::Krb5::free_context();
------------


Best Regards, 
Jan
_______________________________________________
Perl-Unix-Users mailing list
Perl-Unix-Users@listserv.ActiveState.com
To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs

Reply via email to