On Mon, Sep 17, 2007 at 11:46:36AM -0400, Nate Johnson wrote: > This is from the master kdc's logs: > Sep 17 15:11:20 <kdc> kadmind[5951]: Request: kadm5_randkey_principal, > smtp/<fqdn>@IU.EDU, Cannot lock database, client=natejohn/[EMAIL PROTECTED], > service=kadmin/[EMAIL PROTECTED], addr=<ip address>
Shot in the dark: is it RHEL 5.0 with SELinux in enforcing mode? If it is, try running "restorecon -R -v /var/kerberos/krb5kdc". That'll set the labels on the database files to values which the policy allows kadmind to manipulate. HTH, Nalin ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
