Erich Weiler <[EMAIL PROTECTED]> wrote: > I can do this: > > kinit -kt /etc/krb5/krb5.keytab nfs/solarisclient.domain.com > kinit -kt /etc/krb5/krb5.keytab host/solarisclient.domain.com > > with no errors. When I do a klist then I get: > > Ticket cache: FILE:/tmp/krb5cc_0 > Default principal: host/[EMAIL PROTECTED] > Valid starting Expires Service principal > 06/19/06 11:21:20 06/20/06 11:21:20 krbtgt/[EMAIL PROTECTED] > renew until 06/19/06 11:21:20 > > Does this mean that things *should* be working, but they aren't? > That's scary... :( I tried kinit'ing as > nfs/solarisclient.domain.com and then tried to mount but got the same > error in the logs...
Hmm... krb5cc_0 would seem to be root's Kerberos cache. Is NFS just being explicitly denied for root? Or is root otehrwise treated differently than normal user accounts? (I use OpenAFS myself, so I don't really know how this NFSv4 stuff works.) Do you have some other kerberized services that you can test with? SSH perhaps? (The sshd on Solaris should support Kerberos out of the box.) It would help to see if this is a problem with Kerberos or a problem with NFS. <<CDC -- Christopher D. Clausen [EMAIL PROTECTED] SysAdmin ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
