[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Slave KDC
On 16 Aug 2004 09:25:20 -0400
Andrew Bacchi <email@example.com> wrote:
> On Sun, 2004-08-15 at 08:26, Keith Matthews wrote:
> > I have created a host entry for the slave. I have not set up
> > krb5.conf or krb.conf as the instructions imply one should not on
> > the slave.
> Have you extracted the host keytab and copied it to the slave as
> /etc/krb5.keytab? You DO need krb5.conf on both master and slave.
I have now - no effect. I've also set up krb5.conf - seems to be a
documentation issue there, certainly with the book.
I've tried kinit calls from the intended slave. Those are failing
"kinit: converting creds: Cannot contact any KDC for requested realm"
despite the request being logged by the master kdc. I thought it was a
firewall issue at first, but I've eliminated that now.
On examination of the kdc logs I've noticed that ticket requests come
from user/role@<domain><domain> which doesn't seem right. As yet I can't
work out what might be wrong though.
I'm beginning to wonder if it might just be an IPv6 issue, but that's
currently stretching credulity somewhat.