[31022] in Kerberos
RE: KRB5 & Sun Solaris 9
daemon@ATHENA.MIT.EDU (McGranahan, Jamen)
Fri Apr 24 22:49:25 2009
Content-class: urn:content-classes:message
MIME-Version: 1.0
Date: Fri, 24 Apr 2009 21:48:23 -0500
Message-ID: <63566160FBD1BE43873B5A100A4222DF0AF3266B@mailbe17.email.Vanderbilt.edu>
In-Reply-To: <20090424210948.GE14904@sun.com>
From: "McGranahan, Jamen" <jamen.mcgranahan@vanderbilt.edu>
To: "Will Fiveash" <William.Fiveash@Sun.COM>
Cc: kerberos@mit.edu, "Douglas E. Engert" <deengert@anl.gov>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
That was a HUGE help! Thanks Will. What I learned was the kinit command
was launching the default Sun KRB program instead of the one I
installed. So, when I used the full path for the new kinit
(/usr/local/krb5-1.6.3/bin/kinit mcgranj@DS.VANDERBILT.EDU), it worked!
Thanks for the tip!
Jamen McGranahan
-----Original Message-----
On Fri, Apr 24, 2009 at 03:45:00PM -0500, McGranahan, Jamen wrote:
> * Yes, I can ping the kdc.
Try:
truss -o /tmp/truss.out -u:: kinit
which will show all the functions called and their return values (well,
if they have a non-void return value). This may help pin down why kinit
is failing.
> * Doug: as for the IP address use, we found that for some reason, it
> worked better with the IP on the other 2 boxes we have this installed
&
> working. So, keeping the same settings, logic would suggest it should
> work here too.
Well, it really depends on your DNS configuration. Does nslookup work
for the KDC hostname on the Solaris systems? In general it should. Use
of a IP address for the kdc usually indicates a distrust of the DNS
servers.
--> PS. Nslookup worked, by the way.
--
Will Fiveash
Sun Microsystems Inc.
http://opensolaris.org/os/project/kerberos/
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
