On Fri, 18 Jul 2014, jarek wrote: > Hello! > > How can I automatically get kadmin/kdc.domain@REALM ticket, so I can > access kadmin without entering password second time ? > If I have valid ticket I can connect with ssh, and ticket for > host/server is created automatically. The same is with psql, but not for > kadmin.
kadmin requires tickets with the INITIAL flag set, i.e., not granted from the TGS. You can use kinit -c FILE:/path/to/ccname -S kadmin/kdc.domain@REALM to get such a service ticket and put it in the named cache. kadmin -c FILE:/path/to/ccname should then successfully authenticate without prompting for a password. -Ben Kaduk ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
