Results 1 to 2 of 2

Thread: Kerberos keytab question

  1. #1
    Join Date
    Apr 2014
    Beans
    48
    Distro
    Ubuntu 14.04 Trusty Tahr

    Question Kerberos keytab question

    I have setup up my Ubuntu 14.04 LTS server for SingleSignOn using Kerberos, LDAP and GSSAPI. I now wish to implement NFS, but I am not sure what keytab file I am supposed to add the NFS principal to.

    Kerberos, LDAP and NFS are all on the same server, but OpenLDAP references the /etc/ldap/ldap.keytab file and not the system /etc/krb5.keytab file.

    My question is this: Do I add the NFS principal to the ldap.keytab, the krb5.keytab,or both?
    errare humanum est.

  2. #2
    Join Date
    Apr 2014
    Beans
    48
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Kerberos keytab question

    After looking through the system logs, I found these entries:

    unable to obtain root (machine) credentials
    do you have a keytab entry for nfs/<your.host>@<YOUR.REALM> in /etc/krb5.keytab?


    So, I added the NFS principal to the krb5.keytab file, and the warnings have now gone. I am still not sure if I need to add the NFS principal to the ldap.keytab file aswell?
    errare humanum est.

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •