Am 08.05.2012 15:03, schrieb Berthold Cogel:
> Am 07.05.2012 18:16, schrieb Greg Hudson:
>> On 05/07/2012 11:38 AM, Berthold Cogel wrote:
>>> -rw--- 1 root root 128 May 7 16:09 service.keyfile
>>
>>> [root@hydra krb5kdc]# kadmin.local
>>> kadmin.local: unable to get default realm
>>
>> I'm no
Sebastian Galiano writes:
> Ok, from the same wallet server I executed the following command:
> wallet create keytab nfs/host.domain.org -s server.domain.org
> My wallet.conf is:
> $DB_DRIVER = 'mysql';
> $DB_NAME = 'wallet';
> $DB_HOST = 'localhost';
> $DB_USER = 'wallet';
> $DB_PASSWORD =
Am 07.05.2012 17:38, schrieb Berthold Cogel:
> Hello!
>
> I'm trying to get kerberos running with an LDAP backend.
>
> System is RHEL 5.8 with krb5 1.6.1-70.el5 packages.
>
Just for the book:
I can start krb5kdc and with lsof I can see that it is at least trying
to use LDAP (using ldaps at the
Am 07.05.2012 18:16, schrieb Greg Hudson:
> On 05/07/2012 11:38 AM, Berthold Cogel wrote:
>> -rw--- 1 root root 128 May 7 16:09 service.keyfile
>
>> [root@hydra krb5kdc]# kadmin.local
>> kadmin.local: unable to get default realm
>
> I'm not sure why kadmin.local wouldn't be reading your krb
Ok, from the same wallet server I executed the following command:
wallet create keytab nfs/host.domain.org -s server.domain.org
My wallet.conf is:
$DB_DRIVER = 'mysql';
$DB_NAME = 'wallet';
$DB_HOST = 'localhost';
$DB_USER = 'wallet';
$DB_PASSWORD = 'PASSWORD';
$KEYTAB_FILE = '/etc/krb5.keytab
Sebastian Galiano writes:
> Ok, I missunderstood with the KEYTAB_PRINCIPAL parameter, now I've
> changed for user@REALM which is the principal I gave permissions to.
It needs to be the principal for which you created a keytab that's stored
wherever $KEYTAB_FILE is pointing to.
> Just in case i
Ok, I missunderstood with the KEYTAB_PRINCIPAL parameter, now I've changed for
user@REALM which is the principal I gave permissions to.
Just in case i renewed the ticket of user@realm and then:
$wallet create keytab nfs/host.domain.org
wallet: keytab object implementation not configured
Remc
Sebastian Galiano writes:
> Ok this is my wallet.conf at the wallet client:
> $KEYTABFILE= '/home/USER/krb5.test';
$KEYTAB_FILE, I assume.
> $KEYTAB_KRBTYPE= 'MIT';
> $KEYTAB_PRINCIPAL= 'host.domain.org';
Usually this has a slash in it somewhere. Are you sure that's the name
of the Kerberos