Re: Problem with kpasswd

[Dr A V Le Blanc <LeBlanc@mcc.ac.uk>]

On Wed, Feb 16, 2000 at 03:50:27AM +0100, Assar Westerlund wrote:
> Dr A V Le Blanc <LeBlanc@mcc.ac.uk> writes:
>>      > kpasswd zlsiial
>>      zlsiial@man.ac.uk's Password:
>>      New password:
>>      Verifying password - New password:
>>      kpasswd: krb5_change_password: Unknown error 4294967294
> 
> This is obviously an error (-2) and it's a bug that it doesn't get
> translated to an error message.  I think this is coming from
> getaddrinfo and would mean `name or service is unknown'.  Do you have
> the correct hostname in DNS or in the admin_server part of your
> krb5.conf?
> 
> Unfortunately, there's no simple way of reporting this error in the
> context of com_err.  This should, of course, be fixed, but will
> require some reworking.

The hostname is certainly in the DNS for forward and reverse lookup.
(It's avl.mcc.ac.uk at 130.88.201.63.)  The krb5.conf does have
in the realms section 'kdc = avl.mcc.ac.uk'; does it need a
kpasswdd entry as well?

I'd also be interested in two other questions not included in
the documentation, as far as I can see.  What do I need to get
slave servers working; there is a little bit in the kerberos-4
documentation, but almost nothing in heimdal.  Can I presume
the operation is fairly similar?  Second, I have compiled with
the two 'experimental' options to enable-kaserver and
enable-kaserver-db.  Do these work?  There isn't anything about
them except the options on the command line, and it would be
extremely useful if they worked.

I might even be moved to write a little documentation if I
get it all working...

     -- Owen
     LeBlanc@mcc.ac.uk