Date: Wed, 17 Aug 2005 21:12:45 +0400 From: Sergey Lapin <slapinid@gmail.com> To: freebsd-questions@freebsd.org Subject: Kerberos authentication Message-ID: <48239d3905081710124dbcf846@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi, all!
There is simple Kerberos question.
We have w2k3 PDC here and want to setup one machine
(machine.domain.com) to interoperate with it.
Samba's net ads join works.
kinit works.
but telnet to machine.domain.com from the same machine fails with thw
following debug:
[ Trying mutual KERBEROS5 (host/machine.domain.com@DOMAIN.COM)... ]
Kerberos V5: mk_req failed (Message stream modified)
[ Trying KERBEROS5 (host/machine.domain.com@DOMAIN.COM)... ]
Kerberos V5: mk_req failed (Message stream modified)
-bash-2.05b$ klist
Credentials cache: FILE:/tmp/krb5cc_1002
Principal: lapin@UNIVERSE.DART.SPB
Issued Expires Principal
Aug 17 21:06:40 Aug 18 07:06:40 krbtgt/DOMAIN.COM@DOMAIN.COM
/etc/krb5.conf:
[libdefaults]
default_realm =3D DOMAIN.COM
default_keytab_name =3D FILE:/etc/krb5.keytab
dns_lookup_realm =3D false
dns_lookup_kdc =3D true
[domain_realm]
.domain.com =3D DOMAIN.COM
[realms]
DOMAIN.COM =3D {
kdc =3D tcp/dc.domain.com
kpasswd_server =3D dc.domain.com
admin_server =3D udp/dc.domain.com
}
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?48239d3905081710124dbcf846>