I posted on this the other day, have more info, am desperately hoping that
someone can give me a pointer to a solution. I realize it's a bit off topic,
but it is on a DEC system, so I hope you'll bear with me.
We have installed kerberos V5 on a DEC 4100 running DU 4.0d, and while you
can use the krb5 kinit, telnet, etc to go from there to other krb5 nodes,
when you try to go from another krb5 node to this DEC app server you
cannot authenticate and the krb5 KDC reports in krb5kdc.log:
Jun 03 14:56:07 ourkdc.appliedtheory.com krb5kdc[241](info): TGS_REQ
204.168.18.26(88): UNKNOWN_SERVER: authtime 896900113, jreed_at_TESTPROD.BU.COM
for host/ora0.bkc.org_at_TESTPROD.BU.COM, Server not found in Kerberos database
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Since first describing this problem, I've noticed that the KDC's list of
known principals does not match that shown when you authenticate as admin/admin
on any other krb5 node and use kadmin.local to see the list of known
principals.
KDC's view:
kadmin.local: listprincs
:
host/nodea.appliedtheory.com_at_TESTPROD.BU.COM
host/nodeb.appliedtheory.com_at_TESTPROD.BU.COM
host/nodec.appliedtheory.com_at_TESTPROD.BU.COM
host/ora0.bkc.org_at_TESTPROD.BU.COM
:
Any other node's view:
kadmin: listprincs
:
host/nodea.appliedtheory.com_at_TESTPROD.BU.COM
host/nodeb.appliedtheory.com_at_TESTPROD.BU.COM
host/nodec.appliedtheory.com_at_TESTPROD.BU.COM
:
This inconsistancy HAS to be central to the problem. Has anyone seen such
behavior, and/or can you suggest any fixes????????????????
Huge, giant TIA!!!!
--
Judith Reed
jreed_at_appliedtheory.com
(315) 453-2912 x335
Received on Thu Jun 04 1998 - 20:41:16 NZST