Patrick Hartling <patrick@137.org> wrote:
}joda@pdc.kth.se (Johan Danielsson) wrote:
}
}} Patrick Hartling <patrick@137.org> writes:
}} 
}} > I have an /etc/krb5.conf that has some Kerberos IV bits in it, but I
}} > am unable to get my K5 tickets converted to the Kerberos IV tickets
}} > that I need.
}} 
}} What are those bits? -current doesn't use MIT krb5, so there might be
}} differences. My impression (form reading the manpage) is that v4
}} compat is wither built-in (in the MIT kinit) or not.
}
}I have attached my /etc/krb5.conf file.  I don't claim to understand it
}completely since I copied it from one of the Alpha machines here on
}campus and modified what I knew needed to be changed (paths mainly).
}
}} kinit -4 should do what you want, no?
}
}I thought so, but it hangs for a while and then returns the following error
}message:
}
}kinit: converting creds: Cannot contact any KDC for requested realm
}
}The requested realm in this case is IASTATE.EDU.  A subsequent klist shows
}me that I do have K5 tickets:
}
}> klist
}Credentials cache: FILE:/tmp/krb5cc_13773
}        Principal: mystify@IASTATE.EDU
}
}  Issued           Expires          Principal
}Jul 11 12:45:43  Jul 11 13:25:40  krbtgt/IASTATE.EDU@IASTATE.EDU

The KDC is using MIT kerberos, and I have the same problems with 1.5ALPHA's
kerberos using a krb5.conf that worked (got k5 & K4 tickets at login) with
crypto-us until the switch to crypto.

I solved my earlier problem with kerberos by moving /etc/kerberosV/krb5.conf
to /etc/krb5.conf.  (ktrace is ever so handy for these things.)

Tracy J. Di Marco White
Project Vincent Systems Manager
gendalia@iastate.edu