G'day All, I've attempting to get kerberos installed and configured on a RHEL 3.0 server. Originally RHEL came with kerberos 1.2.7. I located and installed from rpm the 1.3.4 version of kerberos. I had it working at one point then decided to recreate the principal databases and keytab files. Since recreating the databases kerberos has not worked. I continually receive: "kinit(v5): Password incorrect while getting initial". I've checked and rechecked the password numerous times.
I used the following script to create the kerberos database: ------------------------- cut here ----------------------- #!/bin/sh # Script to initialize Kerberos Database # KRBDOMAIN=<Kerberos Domain> KRBFQDN=<domain name> KRBDIR=/var/kerberos/krb5kdc echo "Initialize Kerberos Database..." /usr/kerberos/sbin/kdb5_util create -r $KRBDOMAIN -s echo "Creating initial admin roles..." for x in admin changepw do /usr/kerberos/sbin/kadmin.local -q "ktadd -k $KRBDIR/kadm5.keytab kadmin/$x" done echo "Done." /sbin/service krb5kdc start /sbin/service kadmin start echo "Adding Principals..." for x in krbadm Manager Replicator do echo "Adding $x" if [ "$x" = "krbadm" ]; then /usr/kerberos/sbin/kadmin.local -q "ank $x/[EMAIL PROTECTED]" /usr/kerberos/sbin/kadmin.local -q "ktadd $x/[EMAIL PROTECTED]" else /usr/kerberos/sbin/kadmin.local -q "ank [EMAIL PROTECTED]" /usr/kerberos/sbin/kadmin.local -q "ktadd [EMAIL PROTECTED]" fi done echo "Adding Network Hosts..." for x in server1 server2 ... do /usr/kerberos/sbin/kadmin.local -q "ank -randkey host/$x.$KRBFQDN" /usr/kerberos/sbin/kadmin.local -q "ank -randkey ldap/$x.$KRBFQDN" /usr/kerberos/sbin/kadmin.local -q "ktadd host/$x.$KRBFQDN" /usr/kerberos/sbin/kadmin.local -q "ktadd ldap/$x.$KRBFQDN" done echo "Done." /bin/chmod 644 /etc/krb5.keytab --------------------------end cut ------------------------- Is the proper way to create the kerberos database? If not, what is the proper way? What else should I be looking at? Marcus O. ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos