[32840] in Kerberos
Re: Kerberos credential cache file generation issue.
daemon@ATHENA.MIT.EDU (Reddy Reddy)
Mon Oct 25 17:15:33 2010
MIME-Version: 1.0
In-Reply-To: <AANLkTikzmwKKyrZMS+qPMSLKzXZVUuH8eN9pndScLH1g@mail.gmail.com>
Date: Tue, 26 Oct 2010 02:45:25 +0530
Message-ID: <AANLkTi=O95Wh3QFj-avuEHxLDENVNwvB3FtiYxfST3Oa@mail.gmail.com>
From: Reddy Reddy <reddytheman@gmail.com>
To: Vipin Rathor <v.rathor@gmail.com>
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Hi Vipin,
The issue is resolved by using the command : kinit -k <SPN> -c
FILE:/var/krb5/security/creds/krb5cc_<user_id>.The ticket will then be
routed to the file specified for the -c parameter. By using the above
command I'm able to generate the Ticket-Granting-Ticket in the repective
location i.e,/var/krb5/security/creds/krb5cc_[UID]. But when execute the
command klist then it showing the error message like Cendential cache file :
homesid/sidadm is not available. Can you please let me know which is
creating the problem here. Actually, I have given the sidadm group & 755
permission to the Keytab file & krb5.conf file so that sidadm user id is
able to access the kerberos file.
Kindly,look in to the issue and suggest the solution...
OS : AIX 6.1
MIT Kerberos 5 version
Thanks & Regards,
Reddy.
On Fri, Oct 22, 2010 at 8:41 PM, Vipin Rathor <v.rathor@gmail.com> wrote:
> Try doing kinit with full path i.e. /usr/krb5/bin/kinit <args>.. This
> way u should get CC file in desired path.
>
> If that doesn't work , try exporting KRB5CCNAME environment variable like
> this:
> export KRB5CCNAME=FILE:/var/krb5/security/creds/krb5cc_[UID]
>
> btw, which Kerberos distro you are using on AIX? (MIT or IBM)
>
> --
> -Rathor
>
> On Fri, Oct 22, 2010 at 8:09 PM, Reddy Reddy <reddytheman@gmail.com>
> wrote:
> > Hi Experts,
> >
> > Kindly,help me regarding the Kerberos SSO configuration activity which
> I'm
> > facing the issue with the Kerberos Ticket-Granting-Ticket in the AIX
> > systems.
> >
> > Actually, I have logged in to the User ID: SIDADM and execute the command
> > kinit -k* -t SAPService<SID>.keytab SAPService<SID>/<my.org>@<MY.ORG>
> *in
> > the AIX system and credential cache file generated in the /homesid/sidadm
> > directory. But as per the Kerberos guide the cache file has to save in
> the
> > /var/krb5/security/creds/krb5cc_<userid> directory. Kindly, suggest how
> to
> > change the directory path to /var/krb5/security/creds/krb5cc_<userid>.
> >
> > Kindly, suggest & provide the solution to the above stated issue.
> >
> > Thanks & Regards,
> > Reddy.
> > ________________________________________________
> > Kerberos mailing list Kerberos@mit.edu
> > https://mailman.mit.edu/mailman/listinfo/kerberos
> >
>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
