Subject: Re: kerberosV with kerberosIV compatibility
To: Tracy Di Marco White <email@example.com>
From: Love <firstname.lastname@example.org>
Date: 11/02/2000 00:56:37
Tracy Di Marco White <email@example.com> writes:
> Should this be working? Am I doing something wrong? If I'm not doing
> something wrong, what can I do to help solve the problem?
> bb# kinit -4 gendalia
> gendalia@IASTATE.EDU's Password:
> kinit: converting creds: Cannot contact any KDC for requested realm
> I have /etc/krb.conf /etc/krb.realms, /etc/kerberosIV/krb.conf,
> /etc/kerberosIV/krb.realms, /etc/srvtab, and /etc/kerberosIV/srvtab.
> I'm not sure I've got whatever needs to be set up in krb5.conf
> configured correctly.
> I ktrace'd kinit -4, and while I mention our machines kerberos-1 and
> kerberos-2 in my /etc/krb5.conf, it also seems to go looking and find
> our windc1 and windc2 machines, our windows kerberosV domain controllers.
> I'm not sure how it found those. Possibly it goes out and tries to do
> windows style kerberos detection? Of course, the windc machines
> don't do kerberosIV at all.
Probably found the DC by the SRV-rr you have in DNS.
In order to get a krb4 ticket from a krb5 ditto (that is want -4 means) you
need to have support in the kerberos server, running on port 4444.
I guess that you have krb5 ticket, but no krb4, is that right ?
What are you trying to do. Get a krb4 ticket directly ?