On Wed, 2009-03-25 at 13:15 +0300, fabian dacunha wrote:
my domain name is===> baladia.local Windows 2003 AD server computer name is====> kmun
my /etc/krb5.conf file is
[logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log
[libdefaults] ticket_lifetime=24000 default_realm=BALADIA.LOCAL dns_lookup_realm = false dns_lookup_kdc = false
[realms] BALADIA.LOCAL={ kdc=172.16.2.227:88 # admin_server=kmun.baladia.local:749 default_domain=BALADIA.LOCAL kdc=BALADIA.LOCAL }
You only need one kdc here. Choose one, comment/delete the other.
[domain_realm] .baladia.local=BALADIA.LOCAL baladia.local=BALADIA.LOCAL
kerberos 88/udp kdc # Kerberos key server kerberos 88/tcp kdc # Kerberos key server
What are these "kerberos" lines for? Why have you put them here? They don't belong - comment/delete them.
[kdc] profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults] pam = { debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false }
kinit should work after making the changes above.
Regards,
Ranbir