I thanks from Stephen and Craig for their replying. I am sorry for doing cross posting, But I did not know about it before. I had to do for solving the problem, because no one did me answer .
On Wed, Dec 2, 2009 at 5:15 AM, Stephen Frost <sfr...@snowman.net> wrote: > * Craig Ringer (cr...@postnewspapers.com.au) wrote: > > I've dropped all your cross-posts; this is just going to PgSQL-general. > > Thanks for that. > > > On 30/11/2009 3:29 PM, rahimeh khodadadi wrote: > > > >> psql: *krb5_sendauth: Bad application version was sent (via sendauth)* > > > > Also: a search for your error message finds this post, which, while > > related to a Windows kerberos server, seems to apply: > > It's the same kind of issue (wrong service name), but I think the real > problem is this: > > krb_srvname = 'postgres/s...@example.com' > > The documentation, I think, is pretty clear: > > http://www.postgresql.org/docs/8.4/interactive/auth-methods.html#KERBEROS-AUTH > > PostgreSQL operates like a normal Kerberos service. The name of the > service principal is servicename/hostn...@realm. > > servicename can be set on the server side using the krb_srvname > configuration parameter > > The above should just be: > > krb_srvname = 'postgres' > > Or, better, just removed. Unless you're running under a Microsoft > Active Directory Kerberos environment, the default should 'just work'. > > Additionally, this is also almost certainly wrong: > > krb_server_hostname = 'star' > > Again, referring to the same documentation: > > hostname is the fully qualified host name of the server machine. > > You really should have a proper FQDN set for this system. I would also > recommend using a real domain rather than 'EXAMPLE.COM'. Also, I didn't > see the version of PostgreSQL, but if you're using something recent your > auth method should really be 'gss' instead of 'krb5'. > > > I don't know much about Kerberos, not I suspect do all that many people > > on the list, so I can't be of any more help. > > Unfortunately, I don't pay as close attention to the lists as I wish I > could. Kerberos with PG is actually a solution I typically recommend. > > Thanks, > > Stephen > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (GNU/Linux) > > iEYEARECAAYFAksVxtQACgkQrzgMPqB3kihTAwCfYonsLsS1EirM+LQ89NbU+lXz > loQAn0dK1N6xco7Wdtq4m5SVPjMWaC9G > =zeD5 > -----END PGP SIGNATURE----- > > -- With Best Regards Miss.KHodadadi
