[29773] in Kerberos
kprop between master (mandriva) and slave (solaris)
daemon@ATHENA.MIT.EDU (Marcin N)
Tue Apr 29 11:17:16 2008
From: Marcin N <nichu@nospam.onet.pl>
Date: Tue, 29 Apr 2008 16:55:47 +0200
Message-ID: <fv7cs8$mr8$1@news.onet.pl>
Mime-Version: 1.0
X-Complaints-To: usenet@news.onet.pl
To: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Hello
I'm trying to make krb database replication again (this time mandriva is
master and solaris is slave)
I patched kprop on master (mandriva) - by the way thank You for patch
one more time but while trying to execute kprop i get error message:
/usr/local/sbin/kprop -n kiprop@KRB.COM -f /home/nichu/dump.krb5
slave.krb.com
/usr/local/sbin/kprop: Cannot resolve network address for KDC in
requested realm while getting initial ticket
DNS is not an issue - because:
host slave.krb.com
slave.krb.com has address 192.168.0.50
in log there's nothing about that :/
file kdc.conf:
[kdcdefaults]
kdc_ports = 88,750
[realms]
KRB.COM = {
profile = /etc/krb5.conf
database_name = /usr/local/var/krb5kdc/principal
admin_database_name =
/usr/local/var/krb5kdc/principal.kadm5
admin_database_lockfile =
/usr/local/var/krb5kdc/principal.kadm.lock
admin_keytab = FILE:/etc/kerberos/krb5kdc/kadm5.keytab
acl_file = /etc/kerberos/krb5kdc/kadm5.acl
key_stash_file = /etc/kerberos/krb5kdc/.k5stash
kadmind_port = 749
max_life = 8h 0m 0s
max_renewable_life = 7d 0h 0m 0s
default_principal_flags = +preauth
}
=============================
file /etc/krb.conf
[libdefaults]
default_realm = KRB.COM
[realms]
KRB.COM = {
admin_server = master.krb.com
kdc = master.krb.com
kdc = slave.krb.com
master_kdc = master.krb.com
}
[domain_realm]
.krb.com = KRB.COM
krb.com = KRB.COM
[logging]
default = FILE:/var/log/kerberos/krb5libs.log
kdc = FILE:/var/log/kerberos/krb5kdc.log
admin_server = FILE:/var/log/kerberos/kadmind.log
[kdc]
profile = /etc/kerberos/krb5kdc/kdc.conf
==============================
Principals of course exists:
kadmin.local: listprincs
K/M@KRB.COM
host/slave.krb.com@KRB.COM
host/master.krb.com@KRB.COM
kadmin/admin@KRB.COM
kadmin/changepw@KRB.COM
kadmin/history@KRB.COM
kadmin/master.krb.com@KRB.COM
krbtgt/KRB.COM@KRB.COM
nichu/admin@KRB.COM
nichu@KRB.COM
So what's wrong ? ? ?
Regards
nichu
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
