Hai Zaar
Wed, 28 Feb 2007 05:20:36 -0800
Hi, Love!Sorry for late reply. On 12/7/06, Love Hörnquist Åstrand <[EMAIL PROTECTED]> wrote:> 6 dec 2006 kl. 23.39 skrev Hai Zaar:>> > since I do not have kadmin/admin credential in cache.>> it will ask you for you password since the principal in the credental> cache> doesn't match what it think its the default (your principal with /> admin added).>> If you specify the principal with -p it should work just fine.But after 2 month in production, I can confirm that your patch worksjust fine. Thanks again!It will be great to have it included in upcoming heimdal-0.8.
$ kinit> [EMAIL PROTECTED]'s Password:> $ klist> Credentials cache: FILE:krb5cc_501> Principal: [EMAIL PROTECTED]>> Issued Expires Principal> Dec 7 00:04:57 Dec 7 10:06:00 krbtgt/[EMAIL PROTECTED]> Dec 7 00:04:58 Dec 7 10:06:00 [EMAIL PROTECTED]>> $ kadmin -p lha> kadmin> get lha> Principal: [EMAIL PROTECTED]> [...]> kadmin> ext -k /tmp/kaka host/nutcracker.it.su.se> kadmin> exit> $ klist> Credentials cache: FILE:krb5cc_501> Principal: [EMAIL PROTECTED]>> Issued Expires Principal> Dec 7 00:04:57 Dec 7 10:06:00 krbtgt/[EMAIL PROTECTED]> Dec 7 00:04:58 Dec 7 10:06:00 [EMAIL PROTECTED]> Dec 7 00:05:07 Dec 7 01:05:07 kadmin/[EMAIL PROTECTED]> $ kinit -t FILE:/tmp/kaka host/[EMAIL PROTECTED]> $ klist> Credentials cache: FILE:krb5cc_501> Principal: host/[EMAIL PROTECTED]>> Issued Expires Principal> Dec 7 00:11:33 Dec 7 10:12:36 krbtgt/[EMAIL PROTECTED]> Dec 7 00:11:34 Dec 7 10:12:36 [EMAIL PROTECTED]>>>> with!
this in the acl file:>> $ grep ^lha@ /var/heimdal/kadmind.acl> [EMAIL PROTECTED] get
[EMAIL PROTECTED]> [EMAIL PROTECTED] add,get,modify,cpw,del
host/nutcracker.it.su.se>>> Love>>>>>
-- Zaar