[Freeipa-users] User keytab file
Daniel Scott
djscott at mit.edu
Tue Jun 30 14:17:21 UTC 2009
Hi,
Thanks for the reply.
2009/6/30 Simo Sorce <ssorce at redhat.com>:
> On Tue, 2009-06-23 at 11:49 -0400, Daniel Scott wrote:
>> Any suggestions would be greatly appreciated. Does anyone have this or
>> something similar working?
>
> I am not sure what doesn't work, the message you see in the logs is
> perfectly normal, we configure the KDC to require pre-authentication,
> but by default kinit send the classic request first, and only when it
> gets the preauth required error, sends a preauth request (if necessary
> after having asked for a password). In short that message is not an
> error.
The problem is that I am getting this error on the client:
>> # kinit backup -k -t /etc/backup.keytab
>> kinit(v5): Key table entry not found while getting initial
>> credentials
But no 'error' message in the server logs. Only the "NEEDED_PREAUTH"
line which we've established isn't an error.
For some reason, I can't obtain a ticket for a user principal. I have
service principals working correctly, but I can't authenticate as a
user without entering a password, which is no good for automated
process such as backups.
Thanks,
Dan
More information about the Freeipa-users
mailing list