Adding replica principals

    hjenkins

    My ODM doesn’t seem to have generated the correct principals to work on my replicas. I have, for the sake of this post, 1 replica, mail.server.com, and my ODM is server.domain.com. If I request on the master or replica:

    kadmin.local -q listprincs

    I get (as a selection):

    [email protected]
    pop/[email protected]
    [email protected]
    [email protected]

    Should it be:

    [email protected]
    pop/[email protected]
    pop/[email protected]
    [email protected]
    [email protected]

    If so, can I resolve this by manually adding the principal to the master using:

    kadmin: addprinc -randkey pop/[email protected]

    And then:

    > ktadd pop/[email protected]

    to update the keytab?

    Kerberos is running on my replicas and I can authenticate as a user on the server via kinit “user”. I can then use this ticket to ssh into the master. I can also set up Mail.app directly on the replica and use Kerberos as the method of authentication; however, this doesn’t work from a regular client, when Kerberos authentication works fine on master for AFP.

    Thanks for your help.

    Huw
