[6967] in Kerberos
Re: changing a CNS V4 setup to a new network
daemon@ATHENA.MIT.EDU (Wes Brown)
Fri Mar 29 05:55:16 1996
To: kerberos@MIT.EDU
Date: 28 Mar 1996 19:21:48 GMT
From: wes@prozac.student.cwru.edu (Wes Brown)
sysop@omega.megahits.com wrote:
: We recently began the process of converting our entire ISP over to a T1 and
: a completely new set of IP addresses. This process included a linux box on
: which we had CNS V4 running without any problems, authenticating modem
: access requests via xyplex terminal servers at 2 different frame relay
: locations. After having numerous difficulties converting the actual linux
: box itself to recognize and use the new network, (many of which STILL
: haven't been resolved),
Make sure /etc/rc.d/rc.inet1 is correct.
: we started to try to change over our kerberos setup
: as well.
I would not have done that until I had the box running with all the bugs
worked out but that is just what I would do.
: After editing all the configuration files I could think of,
: replacing megahits.com with megahits.net and whatnot, I rebooted the box. It
: failed to start kerberos properly. I modified a few more settings, and now I
: have it to the point where a 'kdb_init' runs successfully. However, when I
: run 'kerberos' after 'kdb_init' I get the following error message
: (reproduced here in its entirety for completeness' sake):
:
: --
: Kerberos server starting
: Sleep forever on error
: Log file is /usr/kerberos/database/kerberos.log
: Current Kerberos master key version is 1.
:
: Master key entered.
:
: Current Kerberos master key version is 1
: Local realm: MEGAHITS.NET
: Ticket granting ticket service unknown
I am taking a guess here because I am fairly new at this Kerberos stuff,
but I think that the database is built around the realm name that you give
kdb_init.
The best quick fix solution would be to change everything back in the
kerberos settings to use the old MEGAHITS.COM realm name. Configure your
/etc/krb.conf to point that realm to your kerberos server. From there you
will need to dump the database into the new database.
PLEASE note that I have GUESSED at this solution. I am interested in
knowing more about how the database is built. I do not know that you need
to dump the database, but I am confident that you can get the server
running again by changing things back to the way they were. The only thing
that needs to be configured to domain megahits.net is the machine via the
rc.d files. You can call your Kerberos realm what ever you want just make
sure that it is your default in your /etc/krb.conf file on all the machines
your are using that REALM. {More detailed stuff is possible with the realm
listings, but you have stated that all you want this to do is work}
: I assume there are still some settings which I have not yet changed over
: from the megahits.com setup. Or perhaps it has something to do with the fact
: that when I reboot I seem to lose all the new settings that I have entered
: into the linux box with the route and ifconfig commands. Anyway, the bottom
: line is that any help would be greatly appreciated, as we are in a bit of a
: pinch here... as long as this ISN'T working, we have customers in 2 major
: calling areas of the state that are unable to use the service they are
: paying for.
:
: Regards,
: Lou Rinaldi
: Omega Solutions, Inc.
Wes
---
Wes Brown
ewb4@po.cwru.edu wes@prozac.student.cwru.edu
http://prozac.cwru.edu/wes/About.me.html
KB8TGR
