[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: "Server unknown" error

On Feb 16, 2006, at 5:17 PM, Brandon S. Allbery KF8NH wrote:

> On Feb 16, 2006, at 8:05 , Gilles wrote:
>> But, is it always the case for client-server applications, that the
>> principal name (or part of it) is hard-coded?  I just thought that
>> it might have been given as a configurable option (like the "-p"
>> option to e.g. "kadmin"), or is there some good reason for not doing
>> so?
> Yes, it's necessary, because clients and servers *must* agree on  
> the name to use o they won't be able to talk to each other.  The  
> easiest way to do this is to use a well-known service name (e.g.  
> "ldap") and the canonical fully-qualified server name.

In general, yes.  The FAQ recommends that it be configurable so e.g.  
you can distinguish a test server running on the same machine as a  
production one.  PostgreSQL is the only software I've seen that  
supports that though.

> kadmin's -p is for the *user's* credentials, which are a matter of  
> site policy; the *server* credential is "kadmin/admin" and is  
> (again) not changeable.

The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu