Adding a server to Kerberos Realm

[McReady]

I’ve been trying to add a G4 server to my realm for afp sharing with single signon. My KDC is on a B+W G3 that also hosts my DNS and LDAP Database. Kerberos works perfectly between my clients and the G3, TGTs are issued at the login window and allow me access over ssh and cmd-k.

The Open Directory settings on the G4 are ‘Connected to a Directory master’ and the server is bound through Directory Access I have also followed Apples instructions on joining a Computer to a Kerberos Realm but there is little or no feedback to tell you what is wrong, all that is clear is that it’s not working.

Anyways I used kadmin with ktadd to add the afpserver and host principles for the server to the keytab. Now when I cmd-k to the server all I get is “Connection failed An AppleShare system error occurred”. If I try this from a computer that dosen’t yet have a TGT a Kerberos window comes up with the realm and name and password fields but when completed give the same error. To me this looks like Realm is all cool with the setup but the G4 is refusing to comply. I can’t even cmd-k and connect normally, which is a problem.

Any help on sorting this problem out would be greatly appreciated.

McReady

[McReady]

I fixed the problem with standard cmd-k’ing and moved on to other things since then. I’ll give that a try tomorrow.

Thanks,
McReady

[McReady]

Yo MacTroll sorry to bother you again but could you help me with the syntax for sso_util generateconfig, the -R option asks for a computer record, is this expressed as example.server.com or is it an LDAP dn? I cant seem to find the dn of my entry in computerlists.

[Author]

Posts