>>>>> "Juha" == Juha Ylitalo <[EMAIL PROTECTED]> writes:
Juha> My home network currently has 3 Debian machines (running
Juha> frozen potato) and I've been trying to setup Heimdal's
Juha> (version 0.2l-7) Kerberos 5 realm to work between those
Juha> machines. Once I figured out that heimdal's packages don't
Juha> create correct /etc/krb5.conf file for me, it was relatively
Juha> painless to get everything working within KDC
If you haven't done so already, install heimdal-docs, and read
/usr/doc/heimdal-docs/README.Debian
Juha> /var/lib/heimdal-kdc/kadm5.acl, so that I would be able to
Juha> get host keys, when using ktutils and kadmin from remote
Juha> machines. Even though that kadm5.acl is appearantly supposed
Juha> to be file, where you simply can't do things in wrong way
Juha> (you just add name and wanted priviledges), it didn't seem
Juha> to work for me... (or at least kadmin kept on telling me
Juha> that I have "none" privileges, when I was trying to use it
Juha> with anything else than "kadmin -l" in KDC host) Any advices
Juha> from Kerberos users on how to make those keytab tables so
Juha> that they would be correctly setup between KDC and other
Juha> hosts?
Getting kadmin privileges correct is the most common problem I have
had. When it works, it works every time. However, no informative
messages are displayed if anything goes wrong. From what you say, I
think you are doing mostly the right thing.
Have a look at the KDC log file, /var/log/heimdal-kdc.log, it may give
some clues as to what is going wrong.
If you still have problems, then please E-Mail me directly, and tell
me what you have put in the kadm5.acl file, and kdc.conf. (Also note:
you can use the all privilege for "all" privileges).
--
Brian May <[EMAIL PROTECTED]>
