I'm trying to make aliases work but somehow they don't. Surely I'm doing
something wrong...

I want to have the 'main' principal imap/server.example.com aliased as
imap/imap.example.com for the obvious reason. So I did in kadmin

ank -r imap/server.example.com
modify --alias="imap/imap.example.com" imap/server.example.com

list -l confirms that the alias is there

now I extract the key in the keytab

ext_keytab -k /data/imap/krb5.keytab imap/server.example.com

but a ktutil list *doesn't* show the aliases (an auth doesn't work)

Trying to regenerate/extract the key with ktutil get doesn't work
either, it says "ktutil: kadm5_create_principal(imap/server.example.com):
Principal does not exist"

Any hint or documentation on what's happening?

The 'obvious' solution would be to create the imap/imap.example.com as a
standalone principal but I fear it will be a mess with
canonicalization...

Thanks in advance


--
Lorenzo Marcantonio

Attachment: signature.asc
Description: PGP signature

Reply via email to