[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Compatibility problem?

To: heimdal-discuss@sics.se, <alexander.behrend@arcor.de>
Subject: Re: Compatibility problem?
From: "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu>
Date: Tue, 29 Apr 2008 09:52:15 -0400
Cc: "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu>
In-Reply-To: <sympa.1209464641.12979.639@sics.se>
List-Archive: <http://list.sics.se/sympa/arc/heimdal-discuss>
List-Help: <mailto:sympa@sics.se?subject=help>
List-Id: <heimdal-discuss.sics.se>
List-Owner: <mailto:heimdal-discuss-request@sics.se>
List-Post: <mailto:heimdal-discuss@sics.se>
List-Subscribe: <mailto:sympa@sics.se?subject=subscribe%20heimdal-discuss>
List-Unsubscribe: <mailto:sympa@sics.se?subject=unsubscribe%20heimdal-discuss>
References: <sympa.1209464641.12979.639@sics.se>
Reply-To: heimdal-discuss@sics.se, "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu>


On Apr 29, 2008, at 6:41 , <alexander.behrend@arcor.de>  
<alexander.behrend@arcor.de> wrote:

> krbtgt/SINGLESIGNON.EXAMPLE.COM@SINGLESIGNON.EXAMPLE.COM and
> krbtgt/EXAMPLE.COM@SINGLESIGNON.EXAMPLE.COM
>
> The logs "krb5kdc.log" told me that he is using both ticket  
> entries. So I
> deleted the second entry to force the use of only the first one  
> krbtgt entry.
>
> Now he shows me "Server not found in Kerberos database" (GSSAPI)
> and krbtgt/EXAMPLE.COM@SINGLESIGNON.EXAMPLE.COM: No such entry in  
> the database
> (krb5kdc.log)

Use of multiple krbtgt-s usually means crossrealm.  The realm is  
usually determined from the domain name via krb5.conf; if the wrong  
realm is being selected then you need to examine the [domain_realm]  
section of krb5.conf and/or get appropriate SRV records added to DNS  
for the domain(s).

-- 
brandon s. allbery [solaris,freebsd,perl,pugs,haskell] allbery@kf8nh.com
system administrator [openafs,heimdal,too many hats] allbery@ece.cmu.edu
electrical and computer engineering, carnegie mellon university    KF8NH

References:
- Re: Re: Compatibility problem?
  - From: <alexander.behrend@arcor.de>

Prev by Date: Re: Re: Compatibility problem?
Next by Date: Re: Compatibility problem?
Prev by thread: Re: Re: Compatibility problem?
Next by thread: Re: Compatibility problem?
Index(es):
- Date
- Thread