Well, here i am again.
I was expecting that the granted ticket always hold the address to
which it is valid. After obtaining a ticket by means of kinit, i got
the following:
$ kinit
[EMAIL PROTECTED]'s Password:
$ klist -v
Credentials cache: FILE:/tmp/krb5cc_1000
Principal: [EMAIL PROTECTED]
Cache version: 4
Server: krbtgt/[EMAIL PROTECTED]
Ticket etype: des3-cbc-sha1, kvno 1
Auth time: Jul 15 23:11:42 2006
End time: Jul 16 03:11:42 2006
Renew till: Aug 14 23:11:42 2006
Ticket flags: renewable, initial
Addresses:
The address information line is empty. I don't understand why!
Here you have my krb5.conf:
[appdefaults]
forwardable = no
proxiable = no
# no-addresses = no
ticket_lifetime = 14400
renew_lifetime = 3600
# encrypt =
# forward =
[libdefaults]
default_realm = SSO.NET
clockskew = 300
kdc_timeout = 4
# v4_name_convert
# v4_instance_resolve
# capath = { }
# default_etypes = arcfour-hmac-md5
# default_etypes_des = des-cbc-crc
default_keytab_name = FILE:/etc/kerberosV/krb5.keytab
dns_lookup_kdc = yes
dns_lookup_realm = no
kdc_timesync = yes
# max_retries = 4
ticket_lifetime = 14400
# renew_lifetime = 3600
forwardable = no
# proxiable = yes
verify_ap_req_nofail = yes
# warn_pwexpire = 86400
# http_proxy =
# dns_proxy =
# extra_addresses =
# time_format =
# date_format =
log_utc = yes
scan_interfaces = no
# fcache_version =
# krb4_get_tickets = no
# fcc-mit-ticketflags = yes
[domain_realm]
.my.domain = SSO.NET
[realms]
SSO.NET = {
kdc = etosha.my.domain
admin_server = etosha.my.domain
kpasswd_server = etosha.my.domain
# krb524_server =
# v4_instance_convert
# v4_name_convert
# default_domain
# tgs_require_subkey
}
#[capaths]
# CLIENT-REALM = {
# SERVER-REALM = hop-realm
# }
[logging]
kadmind = FILE:/var/heimdal/kadmind.log
kdc = STDERR
default = STDERR
[kdc]
database = {
# dbname =
realm = SSO.NET
# mkey_file =
# acl_file =
# log_file =
}
max-request = 1024
# require-preauth = yes
# ports =
addresses = 10.0.0.2
enable-kerberos4 = no
# v4-realm = SSO.NET
enable-524 = no
enable-http = no
enable-kaserver = no
# check-ticket-addresses = yes
# allow-null-ticket-addresses = no
allow-anonymous = no
# enable_as_rep_as_tgs_rep = no
kdc_warn_pwexpire = 86400
# logging =
# use_2b =
[kadmin]
# require-preauth = yes
default_keys = v5
use_v4_salt = no