> -----Original Message----- > From: Nicolas Williams [mailto:[EMAIL PROTECTED] > Sent: Tuesday, April 01, 2008 10:26 PM > To: Leopold, Corey > Cc: Natalie Li; [email protected] > Subject: Re: [storage-discuss] B85 CIFS - Active Directory - Kerberos > > On Tue, Apr 01, 2008 at 07:19:00PM -0400, Leopold, Corey wrote: > > [libdefaults] > > default_realm = XXX.COM > > # verify_ap_req_nofail = false > > > > [realms] > > XXX.COM = { > > kdc = yyy.yyy.yyy.yyy > > # kdc = ___slave_kdc1___ > > # kdc = ___slave_kdc2___ > > # kdc = ___slave_kdcN___ > > admin_server = yyy.yyy.yyy.yyy > > } > > > > [domain_realm] > > xxx.xxx.com = XXX.COM > > You may want to add > xxx.com = XXX.COM > .xxx.com = XXX.COM
If I add that it changes the error message to: ------------------------- Apr 2 10:38:05 xxx sshd[1343]: [ID 537602 auth.error] PAM-KRB5 (auth): krb5_verify_init_creds failed: Server not found in Kerberos database ------------------------ > > What happens if you run this as root: > > # kinit -k host/xxx.xxx.com > > ? --------------------------- bash-3.2# kinit -k host/xxx.xxx.com bash-3.2# --------------------------- It returns no error.... Also "# kinit DomainUser" works fine, after entering the domain users password I can do a klist and see the ticket.... Thanks!!! Corey _______________________________________________ storage-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/storage-discuss
