avoropay Posted October 27, 2004 Report Posted October 27, 2004 Вроде-бы настроил как написано в доке, самая простая настройка. При старте Kerberos выдает ошибку инициализации и пишет в лог вот эту фразу -- krb5kdc: Cannot find/read stored master key - while fetching master key K/M for realm ZP Подскажите где искать ошибочку. krb5.conf: [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] ticket_lifetime = 24000 default_realm = ZP dns_lookup_realm = false dns_lookup_kdc = false [realms] ZP = { kdc = ser1:88 admin_server = ser1:749 default_domain = zp } [domain_realm] .zp = ZP zp = ZP Quote
Master400 Posted October 27, 2004 Report Posted October 27, 2004 Вот по твоему вопросу http://mailman.mit.edu/pipermail/kerberos/2004-July/005741.h tml http://www.afp548.com/forum/viewtopic.php?forum=39&showt opic=2496 # On the new slave, create a stash file by using kdb5_util. kdc3 # /usr/sbin/kdb5_util stash kdb5_util: Cannot find/read stored master key while reading master key kdb5_util: Warning: proceeding without master key Enter KDC database master key: <type the key> http://www.lns.cornell.edu/public/COMP/krb5/krb5-install/Cre ate-Stash-Files-on-the-Slave-KDCs.html Quote
avoropay Posted October 27, 2004 Author Report Posted October 27, 2004 /usr/sbin/kdb5_util stash выдает ошибку [root@ns1 krb5kdc]# kdb5_util stash kdb5_util: No such file or directory while setting active database to '/var/kerberos/krb5kdc/principal' Что оно хочет? Quote
Master400 Posted October 27, 2004 Report Posted October 27, 2004 А взять словарь тяжело - либо поискать в гугле. 4.7 Creating a Stash File A stash file allows a KDC to authenticate itself to the database utilities, such as kadmin, kadmind, krb5kdc, and kdb5_util. To create a stash file, use the kdb5_util stash command. The syntax is: kdb5_util stash [-f keyfile] For example: shell% kdb5_util stash kdb5_util: Cannot find/read stored master key while reading master key kdb5_util: Warning: proceeding without master key Enter KDC database master key: <= Type the KDC database master password. shell% If you do not specify a stash file, kdb5_util will stash the key in the file specified in your kdc.conf file. 4.8 Creating and Destroying a Kerberos Database If you need to create a new Kerberos database, use the kdb5_util create command. The syntax is: kdb5_util create [-s] If you specify the `-s' option, kdb5_util will stash a copy of the master key in a stash file. (See Creating a Stash File.) For example: shell% /usr/local/sbin/kdb5_util -r ATHENA.MIT.EDU create -s kdb5_util: No such file or directory while setting active database to => '/usr/local/var/krb5kdc/principal' Initializing database '/usr/local/var/krb5kdc/principal' for => realm 'ATHENA.MIT.EDU', master key name 'K/M@ATHENA.MIT.EDU' You will be prompted for the database Master Password. It is important that you NOT FORGET this password. Enter KDC database master key: <= Type the master password. Re-enter KDC database master key to verify: <= Type it again. shell% http://unix.lsa.umich.edu/docs/mit-kerberos/admin_5.html Quote
avoropay Posted October 27, 2004 Author Report Posted October 27, 2004 Kerberos удалось настроить. Удалось зарегистрироватся в ADS на сервере. Вот только не получается подключить пользователей через самбу. wbinfo -u выдает ошибку Error looking up domain users Уже все перекопал. Не найду в чем причина. Везде пишут про какую-то комманду kinit но она у меня тоже не срабатвает. Пишет - kinit(v5): Client not found in Kerberos database while getting initial credentials Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.