Hi Guys,
I am trying to configure my FreeBSD as a network authentication provider.
Thus I successfully configured BIND DNS and OpenLDAP.
Everything works nicely.
However, I have bumped into Kerberos.
Now I installed the krb5 package, initialized the db with
Code:
kdb5_util create -s -r <MY.REALM>
I created root/admin, root, host and nfs principals, deactivated the kinit and kadmin binaries in /usr/bin so as to use the krb5 binaries in /usr/local/bin; however, kadmin and kinit complain that:
Code:
Authenticating as principal root/admin@DHARMA.MAYA with password.
kadmin: Client 'root/admin@DHARMA.MAYA' not found in Kerberos database while initializing kadmin interface
However the principals ARE created in the db...
Here is my krb5.conf:
Code:
[libdefaults]
default_realm = DHARMA.MAYA
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
dns_lookup_realm = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
rdns = false
pkinit_anchors = /usr/local/share/certs/ca-root-nss.crt
# default_ccache_name = KEYRING:persistent:%{uid}
fcc-mit-ticketflags = true
[realms]
DHARMA.MAYA = {
kdc = free.dharma.maya
admin_server = free.dharma.maya
}
[domain_realm]
.dharma.maya = DHARMA.MAYA
dharma.maya = DHARMA.MAYA
and my kdc.conf:
Code:
[kdcdefaults]
kdc_listen = 88
kdc_tcp_listen = 88
[realms]
DHARMA.MAYA = {
database_name = /usr/local/var/krb5kdc/principal
acl_file = /usr/local/var/krb5kdc/kadm5.acl
key_stash_file = /usr/local/var/krb5kdc/.k5.DHARMA.MAYA
kdc_listen = 88
kdc_tcp_listen = 88
max_life = 10h 0m 0s
max_renewable_life = 7d 0h 0m 0s
}
My /usr/local/var/krb5kdc directory:
Code:
[root@free /usr/local/var/krb5kdc]# ls
.k5.DHARMA.MAYA kdc.conf principal.kadm5 principal.ok
kadm5.acl principal principal.kadm5.lock
and my created principals:
Code:
[root@free /usr/local/var/krb5kdc]# kadmin.local listprincs
K/M@DHARMA.MAYA
dharma@DHARMA.MAYA
host/free.dharma.maya@DHARMA.MAYA
kadmin/admin@DHARMA.MAYA
kadmin/changepw@DHARMA.MAYA
kadmin/free.dharma.maya@DHARMA.MAYA
kiprop/free.dharma.maya@DHARMA.MAYA
krbtgt/DHARMA.MAYA@DHARMA.MAYA
nfs/free.dharma.maya@DHARMA.MAYA
root/admin@DHARMA.MAYA
root@DHARMA.MAYA
DNS is working perfectly and my hostname "free.dharma.maya" IS resolvable.
HOWEVER both /usr/local/bin/kadmin and /usr/local/bin/kinit COMPLAIN that they can't find the principals...
Any help would be greatly appreciated.
Thanks for your kind attention