Rohit Mehta <[EMAIL PROTECTED]> writes: >> It's attempting to verify the credentials against a host keytab and can't >> find the Kerberos realm for the host. You can probably fix this by adding >> an appropriate mapping to the [domain_realm] section of your krb5.conf.
> The domain_realm section of my krb5.conf looks like this: > [domain_realm] > .ad.engr.uconn.edu = AD.ENGR.UCONN.EDU > ad.engr.uconn.edu = AD.ENGR.UCONN.EDU > AD.ENGR.UCONN.EDU should be my kerberos realm. > Perhaps the fact that I have a different domain (for NIS) in > /etc/domainname creates a problem? No, that won't matter. What's failing is this call: krb5_sname_to_principal(context, NULL, *service, KRB5_NT_SRV_HST, &princ); with a service of "host". I don't understand why this call would be failing with that error message when kinit is otherwise finding the right realm. > Perhaps it would be worthwhile to try identical steps in Debian Sarge? > (I'm not really sure how stable Ubuntu is, but I like that all my > hardware works in it with no fighting!) I doubt you'll get any different behavior in Debian sarge. In Debian etch, this function isn't used any more; instead, the native Kerberos library function that does the same thing is called. -- Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/> ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
