[27156] in Kerberos
Re: kadmin problem
daemon@ATHENA.MIT.EDU (Vipin Rathor)
Wed Dec 27 06:18:17 2006
Message-ID: <33ab2aef0612270317n6eb9b2edo5a27a0f9c17a8453@mail.gmail.com>
Date: Wed, 27 Dec 2006 16:47:44 +0530
From: "Vipin Rathor" <v.rathor@gmail.com>
To: "scotty adams" <scotty.adams@yahoo.com>
In-Reply-To: <901362.4000.qm@web55305.mail.re4.yahoo.com>
MIME-Version: 1.0
Content-Disposition: inline
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
hi Scotty,
First things first...
>>After i erased the principal.db and created it from the beginning and
followed some steps..
I hope ur "some steps" includes configuring the KDC and the client.
Here is the step by step procedure for ur ready reckoner:
1. Export binary path in PATH env. var. Do
$export PATH=/usr/local/bin:/usr/local/sbin:$PATH
2. Create krb5.conf in */etc/*, with your realm & other settings.
3. Create kdc.conf in */usr/local/var/krb5kdc/*, with your KDC settings.
*NOTE*: log files are in */usr/local/var/krb5kdc/*, by default.
4. Create a kerberos database and *stash file (optional)*,
$kdb5_util create -r REALM -s
5. Add Administrators to the Acl File, in */usr/local/var/krb5kdc/kadm5.acl*
6. Add Administrators to the Kerberos Database,
$kadmin.local
->addprinc admin/admin
7. Create a kadmind Keytab (*optional*). .
$kadmin.local
->ktadd -k /usr/local/var/krb5kdc/kadm5.keytab kadmin/admin
kadmin/changepw
8. Start the Kerberos Daemons.
$kadmind
$krb5kdc
(Check log files for daemon starting info)
9. Now get the credential.
$kinit admin/admin
10. $klist
11. $kadmin
I hope this should work....
Regards,
Vipin Rathor
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
