Subject: Using 1.5_ALPHA kerberos with older servers
To: None <firstname.lastname@example.org>
From: William O Ferry <email@example.com>
Date: 09/17/2000 11:40:51
I tried updating a few of my test machines to 1.5_ALPHA2 and am finding that
they now refuse to deal with my machines running 1.4 and the old in-tree (US)
krb4 server. I read the manpage for krb5.conf and configured a file that
seems sane to me. I tried both 'kinit' and 'kinit -4' and both give the same
kinit: krb5_get_init_creds: Cannot contact any KDC for requested realm
Is there some configuration file magic to convince 1.5_ALPHA2's kerberos
clients to only try to talk v4 to a realm? Hopefully somebody considered
keeping compatibility with the kerberos we used to ship???
usr.bin/login appears to be similarly broken. To work around this one I just
commented out the lines in the Makefile to keep it from building the kerberos5
portion and it worked (it appears looking at some of the #ifdefs that enabling
KERBEROS5 disables krb4 support in login, and login's Makefile provides no
means of indicating which one you want to use).
Are there any general pointers to getting our new kerberos clients to
interact with our old servers? I'm sure there are lots of other things not
working on these systems that I just haven't found yet.
Thanks in advance.