A bit of a longshot: We have a Dell/EMC Isilon cluster, which we use for NAS. I
am considering to set up Kerberos authentication for NFSv4, but I'm not able to
create the Service Principal Names (SPNs). I believe kadmin is not supported by
the FreeIPA servers, but wonder if there are any work-arounds.
I can configure the KDCs, domain and realm successfully in the Isilon UI. The
UI then asks for a username and password, and which SPNs to "Add". When I use
the admin user, this fails right away (with an error "Failed to join realm:
LW_ERROR_KADM5_AUTH_ADD"). It doesn't matter if I create the service principal
in the FreeIPA system first, I get the same error. The UI doesn't have an
option to take a keytab, just a username and password.
I'm curious if anyone has been able to work with systems which insist on using
the kadmin protocol.
(LDAP is working perfectly)
FreeIPA-users mailing list -- email@example.com
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org