[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: "Server unknown" error
On Feb 16, 2006, at 8:05 , Gilles wrote:
> But, is it always the case for client-server applications, that the
> principal name (or part of it) is hard-coded? I just thought that
> it might have been given as a configurable option (like the "-p"
> option to e.g. "kadmin"), or is there some good reason for not doing
Yes, it's necessary, because clients and servers *must* agree on the
name to use o they won't be able to talk to each other. The easiest
way to do this is to use a well-known service name (e.g. "ldap") and
the canonical fully-qualified server name.
kadmin's -p is for the *user's* credentials, which are a matter of
site policy; the *server* credential is "kadmin/admin" and is (again)
brandon s. allbery [linux,solaris,freebsd,perl]
system administrator [openafs,heimdal,too many hats]
electrical and computer engineering, carnegie mellon university