This post show's the problem: http://techblog.lucidillusion.org/2011/08/31/kerberos-over-tcp-on-os-x-10-7-lion/
"With the release of Mac OS X 10.7 (Lion) Apple has switched from MIT Kerberos <http://web.mit.edu/kerberos/>to Heimdal Kerberos<http://www.h5l.org/> ." So you either have a krb5.conf file that works with MIT Kerberos (mac ports) or Heimdal Kerberos (default). it's completely broken now. :( On Thu, Aug 15, 2013 at 11:49 AM, Brad Allison <[email protected]>wrote: > It is a problem between Heimdal-Kerberos (built in) and MIT-Kerberos (mac > ports) > > With Heimdal I need tcp/ in front of my address on the kdc line: > kdc = tcp/10.10..... > > With MIT kerberos if you have tcp/ it's can't read the address. > > So I can't have a single krb5.conf that works for both. > > I wish there was a way to make macports kinit use /etc/krb5.conf and make > built in Heimdal kerberos use /Library/Preferences/edu.mit.Kerberos . > > > > > > On Thu, Aug 15, 2013 at 10:56 AM, Brandon Allbery <[email protected]>wrote: > >> On Thu, Aug 15, 2013 at 10:45 AM, Brad Allison <[email protected]>wrote: >> >>> When I try to kinit using macports kinit it returns "Cannot contact any >>> KDC from realm...." >>> >>> When I try to kinit using default built in kinit (/usr/bin/kinit), it >>> works and I can get tickets. >>> >>> So why is macports kinit broken? >>> >> >> Not actually "broken" although I imagine you won't care about little >> details like how /Library/Preferences/edu.mit.Kerberos isn't guaranteed to >> be 100% compatible with /etc/krb5.conf these days (because Apple's Kerberos >> is from Heimdal); and the cases where they're incompatible are almost >> exactly the cases where it can't be automagically translated. There may >> also be differences in how the two figure out defaults (e.g. when to use >> TCP vs. UDP or which DNS names are looked up when a realm isn't defined in >> the config file, there being both legacy TXT and modern SRV entries >> possible and each implementation follows different rules). >> >> If you're lucky you can just "sudo ln -s >> /Library/Preferences/edu.mit.Kerberos /etc/krb5.conf". >> >> -- >> brandon s allbery kf8nh sine nomine >> associates >> [email protected] >> [email protected] >> unix, openafs, kerberos, infrastructure, xmonad >> http://sinenomine.net >> > >
_______________________________________________ macports-users mailing list [email protected] https://lists.macosforge.org/mailman/listinfo/macports-users
