Thanks Guys i already did solve the problem of gettin kinit work kinit Administrator and after enterring the password worked grt
here my krb5.conf which is workin perfect
[logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log
[libdefaults] default_realm = BALADIA.LOCAL dns_lookup_kdc = false
dns_lookup_realm = false [realms] BALADIA.LOCAL = { default_domain = baladia.local kdc = xx.xx.xx.xx:88 admin_server = xx.xx.xx.xx:749 kdc = KMUN }
[domain_realm] baladia.local = BALADIA.LOCAL
once again really apprecite your help
now just wanna get my centos box join my win2003 AD server now..
regards
Fabian
On Wed, 2009-03-25 at 13:15 +0300, fabian dacunha wrote:
my domain name is===> baladia.local Windows 2003 AD server computer name is====> kmun
my /etc/krb5.conf file is
[logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log
[libdefaults] ticket_lifetime=24000 default_realm=BALADIA.LOCAL dns_lookup_realm = false dns_lookup_kdc = false
[realms] BALADIA.LOCAL={ kdc=172.16.2.227:88 # admin_server=kmun.baladia.local:749 default_domain=BALADIA.LOCAL kdc=BALADIA.LOCAL }
You only need one kdc here. Choose one, comment/delete the other.
[domain_realm] .baladia.local=BALADIA.LOCAL baladia.local=BALADIA.LOCAL
kerberos 88/udp kdc # Kerberos key server kerberos 88/tcp kdc # Kerberos key server
What are these "kerberos" lines for? Why have you put them here? They don't belong - comment/delete them.
[kdc] profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults] pam = { debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false }
kinit should work after making the changes above.
Regards,
Ranbir
-- Kanwar Ranbir Sandhu Linux 2.6.27.19-170.2.35.fc10.x86_64 x86_64 GNU/Linux 14:06:36 up 19 days, 13:32, 4 users, load average: 0.14, 0.20, 0.18
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.