Re: Kerberos 4 enabled but no realm configured

["Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu>]

On Apr 11, 2008, at 14:25 , Bill Baird wrote:
> [kdc]
> enable-524 = true
> enable-kerberos4 = true
> enable-kaserver = true
> database = {
>         realm = PHOENIXMI.COM
>         dbname = ldap:ou=users,dc=phoenixmi,dc=com
>         hdb-ldap-structural-object = inetOrgPerson
>         mkey_file = /var/heimdal/m-key
>     }
>
> [kadmin]
> default_keys = v4 v5


We have "v4_realm = ECE.CMU.EDU" and "afs-cell = ece.cmu.edu" in the  
[kdc] section of our kdc.conf.

That said, we have a need to retain v4 and kaserver compatibility  
(although I'm threatening to make it go away this fall; dunno yet how  
many living fossils will throw screaming, frothing fits when I turn  
it off...).  New installations should skip v4/kaserver completely and  
configure AFS for krb5.

-- 
brandon s. allbery [solaris,freebsd,perl,pugs,haskell] allbery@kf8nh.com
system administrator [openafs,heimdal,too many hats] allbery@ece.cmu.edu
electrical and computer engineering, carnegie mellon university    KF8NH