Hi list,

A bit of a longshot: We have a Dell/EMC Isilon cluster, which we use for NAS. I 
am considering to set up Kerberos authentication for NFSv4, but I'm not able to 
create the Service Principal Names (SPNs). I believe kadmin is not supported by 
the FreeIPA servers, but wonder if there are any work-arounds.

I can configure the KDCs, domain and realm successfully in the Isilon UI. The 
UI then asks for a username and password, and which SPNs to "Add". When I use 
the admin user, this fails right away (with an error "Failed to join realm: 
LW_ERROR_KADM5_AUTH_ADD"). It doesn't matter if I create the service principal 
in the FreeIPA system first, I get the same error.  The UI doesn't have an 
option to take a keytab, just a username and password.

I'm curious if anyone has been able to work with systems which insist on using 
the kadmin protocol.

(LDAP is working perfectly)

FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to