Subject: NetBSD KDC with Solaris clients
To: None <firstname.lastname@example.org>
From: Michael Santos <email@example.com>
Date: 01/28/2002 14:42:17
I have a NetBSD 1.5.2 server acting as a master to a bunch of Solaris
8/SEAM clients. So far it works well, except the users aren't able to
change their passwords using Solaris' kpasswd utility.
On the Solaris side, running kpasswd returns:
kpasswd: Changing password for <user>@<REALM>
kpasswd: Cannot establish a session with the Kerberos administrative
server fornrealm <REALM>. Client/server realm mismatch in
initial ticket request.
Checking the NetBSD master logs, I see:
2002-01-28T11:54:30 UNKNOWN --
changepw/<master.domain.com>@<REALM>: No such entry in the database
So I cloned the kadmin/changepw principal on the KDC and created a
changepw/<master.domain.com> with the same attributes.
Now running kpasswd under Solaris gives me:
kpasswd: Cannot establish a session with the Kerberos administrative server
fornrealm <REALM>. Program lacks support for encryption type.
and the KDC logs show:
2002-01-28T14:38:05 No PA-ENC-TIMESTAMP -- <user>@<REALM>
Does anybody have this working? Any clue what I may be doing wrong?
Thanks for your help,