# cat /usr/local/kerberos5/var/krb5kdc/kadm5.acl [EMAIL PROTECTED] * [EMAIL PROTECTED] * [EMAIL PROTECTED] * */*@gillnet.org i
# kadmin -p vgill/admin Authenticating as principal vgill/admin with password. Enter password: kadmin: Incorrect password while initializing kadmin interface But I am entering the right p/w! -----Original Message----- From: Steve Langasek [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 11, 2001 8:48 PM To: Gill, Vern Cc: '[EMAIL PROTECTED]' Subject: RE: kadmin doesn't start On Tue, 11 Dec 2001, Gill, Vern wrote: > I have done this; > kdb5_util create -s > kadmin.local -q "ktadd -k kadm5.keytab kadmin/admin" > kadmin.local -q "ktadd -k kadm5.keytab kadmin/changepw" > kadmin.local -q "addprinc [EMAIL PROTECTED]" > kadmin.local -q "addprinc [EMAIL PROTECTED]" > shell# kadmin.local > Authenticating as principal [EMAIL PROTECTED] with password. > kadmin.local: addprinc [EMAIL PROTECTED] > WARNING: no policy specified for [EMAIL PROTECTED]; defaulting to no > policy > Enter password for principal "[EMAIL PROTECTED]": > Re-enter password for principal "[EMAIL PROTECTED]": > Principal "[EMAIL PROTECTED]" created. > kadmin.local: quit > Did I miss something? > I am following the instructions here http://www.bayour.com/LDAPv3-HOWTO.html > to some extent... Ok, then you have everything in the database that you need in order to use kadmin -- you just have to run "kadmin -p vgill/admin" so that it knows which principal to authenticate as (kadmin guesses by adding '/admin' to your login name -- but this doesn't work when you're root). So long as vgill/admin is in the kadm5.acl file (you don't mention whether you've done this), you'll be able to use kadmin once you've authenticated as this principal. Cheers, Steve Langasek postmodern programmer
