On Sat, 2010-06-05 at 13:43 -0400, Holger Rauch wrote: > When I try to start the slave KDC on host kdchost2.our.domain, I see > this error message in /var/log/kerberos/krb5kdc.log, even though I > copied the service.keyfile from the master KDC: > > krb5kdc: Cannot find/read stored master key - while fetching master > key K/M for realm OUR.DOMAIN
There are two key files used in a deployment like yours, one containing the passwords used to bind to the LDAP server, and another containing a "master key" which encrypts key information. The master key stash file should be named /var/krb5kdc/.k5.OUR.DOMAIN since you haven't overridden its location. ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
