Er, um, it appears I was using the MIT version of kadmin on the client side. Problem solved!

On 3/25/2017 5:52 PM, Viktor Dukhovni wrote:


On Mar 25, 2017, at 7:38 PM, Adam Lewenberg <ada...@stanford.edu> wrote:

/usr/lib/heimdal-servers/kadmind --keytab=/etc/heimdal-kdc/kadmin.keytab 
--config-file=/etc/heimdal-kdc/kdc.conf --debug

When I run a kadmin command from another server this is the error that shows up 
in the logs:

017-03-25T16:31:13.895643-07:00 kerberos-qa1 kadmind[1667]: Miscellaneous 
failure (see text)
2017-03-25T16:31:13.895733-07:00 kerberos-qa1 kadmind[1667]: Failed to find 
kadmin/ad...@stanford.edu(kvno 1) in keytab FILE:/etc/krb5.keytab 
(aes256-cts-hmac-sha1-96)
2017-03-25T16:31:13.895932-07:00 kerberos-qa1 kadmind[1667]: gss error, exit

Why is kadmind looking at /etc/krb5.keytab when I specified the keytab file 
with the --keytab parameter?

[ I've not checked the 1.5 code. ]

Have you tried reversing the order of the options?


Reply via email to