[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Easiest way to get service ticket after obtaining tgt
My krb5.conf has such lines already. I believe it's my client because
another program (a Java kerberos application) can successfully do what
I'm attempting with with the same krb5.conf file and same user@realm
and ldap/server@server attributes.
On 10/14/05, Love Hörnquist Åstrand <email@example.com> wrote:
Jeremiah Martell <firstname.lastname@example.org> writes:
> This is still not working for me. An ethereal trace shows me trying to get a
> ticket for "krbtgt/.", which is really strange.
> Anybody tell me what I'm doing wrong?
Something goes horribly wrong when the libkrb5 code tries to do the cross
realm. Either the client does something stupid, or the KDC is acting up.
If the first paket going out from the client is a request for the
"krbtgt/.@CLIENTREALM", then its the client that is confused.
In that case, add a domain_realm mapping entry in krb5.conf on the client.
The first dot in the line i right, check manual page for krb5.conf for
If its the KDC, check the log and see what it tells you.