gssd/kerb5 error, maybe keytab issue
Markus Bölter
Markus.Boelter at micronas.com
Mon May 21 10:33:05 EDT 2007
Hi!
> First, the error "krb5 7" is "Server not found in Kerberos database".
> Which indicates that the KDC does not know about the principal you are
> trying to authenticate to. If your client is trying to authenticate
> to "nfs/whiskas at MICRONAS.COM" rather than
> "nfs/whiskas.micronas.com at MICRONAS.COM", then you need to fix DNS so
> that the client gets the correct full dns name. If you never created
> the server's principal with ktpass, you need to do that (see below
> before doing that).
Victory! :-)
Our Purge-DNS script removed the record because it looked "outdated".
I added it again and everything is working now! Thanks for that hint,
I totally looked into the wrong direction with principal names/
mapping/... etc.
> Second, your client keytab has the encryption type "ArcFour with
> HMAC/md5", you need to create it with only the des-cbc-crc enctype.
... but also des-cbc-md5. So this was/still is not a problem in my
constellation.
Thanks!
Markus
Micronas GmbH
Company Headquarters / Sitz der Gesellschaft: Freiburg i. Br. - Municipal Court of / Amtsgericht: Freiburg i. Br. HRB 428. VAT ID / USt-IdNr.: DE 811127087
Management / Geschaftsfuhrung: Dr. Wolfgang Kalsbach, Chairman / Vorsitzender, Hans-Jurgen Desor, Klaus Heberle,
Nikolaus V. Kaeppeler, Wilfried Lowinski, Dirk Wieberneit, Wolfgang Kuhn - Chairman of Supervisory Board / Vorsitzender des Aufsichtsrats: Heinrich W. Kreutzer
More information about the NFSv4
mailing list