[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Solaris 9 + Heimdal KDC?

To: heimdal-discuss@sics.se
Subject: Re: Solaris 9 + Heimdal KDC?
From: Love <lha@stacken.kth.se>
Date: Wed, 16 Feb 2005 19:55:26 +0100
In-Reply-To: <20050214184506.GE10864@pri.gmi.com> (Adam Morley's message of"Mon, 14 Feb 2005 10:45:06 -0800")
References: <20050214184506.GE10864@pri.gmi.com>
Sender: owner-heimdal-discuss@sics.se
User-Agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (berkeley-unix)

Adam Morley <adam-software-heimdal@gmi.com> writes:

> PAM-KRB5 (auth): krb5_verify_init_creds failed: Key table entry not found
[....]
> PAM-KRB5 (auth): krb5_verify_init_creds failed: Key table entry not found
[...]
> the line, "PAM-KRB5 (auth): krb5_verify_init_creds failed: Key table
> entry not found" is the one in Sun's docs that claims I don't have a
> keytab.
>
> The space I put in the log is me hitting enter on that terminal when I
> see the password prompt, but before I enter the password and hit enter.

It depend on how the lib resolves the principal name of the host. There are
two issues, first if the machine failes to default to resolve its name to
the FQDN, and second because it get confused of what realm to use.

The first should be fixable by changing the order in /etc/hosts, the second
by doing what below.

> [domain_realm]
>         .gmi.com = GMI.COM

You probably want to add add the line below in the [domain_realm] section.

          .prod.gmi.com = GMI.COM

Love

PGP signature

Follow-Ups:
- Re: Solaris 9 + Heimdal KDC?
  - From: Adam Morley <adam-software-heimdal@gmi.com>

References:
- Solaris 9 + Heimdal KDC?
  - From: Adam Morley <adam-software-heimdal@gmi.com>

Prev by Date: Solaris 10, GSSAPI and fqhn
Next by Date: Re: encryption problem setting up slave
Prev by thread: Solaris 9 + Heimdal KDC?
Next by thread: Re: Solaris 9 + Heimdal KDC?
Index(es):
- Date
- Thread