duspat
07.09.04, 12:42
Hallo,
ich bin dabei meinen Debian-Linux Rechner in AD zu integrieren. Hat bis jetzt auch gut funktioniert dank einer Beschreibung im Netz. Aber jetzt habe ich ein Problem. Ich soll mit kinit ein Ticket beim DC abholen, aber dabei tritt das Problem hier auf:
RSL4:/kinit administrator
Password für administrator@testdom.local:
kinit(v5): KDC has no support for encryption type while getting initial credentials
Kann mir da jemand helfen?
Danke
Gruß
Patrick
PS. Hier noch die krb5.conf
[libdefaults]
default_realm = TESTDOCM.LOCAL
# The following krb5.conf variables are only for MIT Kerberos.
default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
permitted_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
krb4_config = /etc/krb.conf
krb4_realms = /etc/krb.realms
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
# The following libdefaults parameters are only for Heimdal Kerberos.
v4_instance_resolve = false
v4_name_convert = {
host = {
rcmd = host
ftp = ftp
}
plain = {
something = something-else
}
}
[realms]
ROSLER.COM = {
kdc = dc.testdom.local
admin_server = dc.testdom.local
}
ATHENA.MIT.EDU = {
kdc = kerberos.mit.edu:88
kdc = kerberos-1.mit.edu:88
kdc = kerberos-2.mit.edu:88
kdc = kerberos-3.mit.edu:88
admin_server = kerberos.mit.edu
default_domain = mit.edu
}
MEDIA-LAB.MIT.EDU = {
kdc = kerberos.media.mit.edu
admin_server = kerberos.media.mit.edu
}
ZONE.MIT.EDU = {
kdc = casio.mit.edu
kdc = seiko.mit.edu
admin_server = casio.mit.edu
}
MOOF.MIT.EDU = {
kdc = three-headed-dogcow.mit.edu:88
kdc = three-headed-dogcow-1.mit.edu:88
admin_server = three-headed-dogcow.mit.edu
}
CYGNUS.COM = {
kdc = KERBEROS.CYGNUS.COM
kdc = KERBEROS-1.CYGNUS.COM
admin_server = KERBEROS.CYGNUS.COM
}
GREY17.ORG = {
kdc = kerberos.grey17.org
admin_server = kerberos.grey17.org
}
IHTFP.ORG = {
kdc = kerberos.ihtfp.org
admin_server = kerberos.ihtfp.org
}
GNU.ORG = {
kdc = kerberos.gnu.org
kdc = kerberos-2.gnu.org
kdc = kerberos-3.gnu.org
admin_server = kerberos.gnu.org
}
1TS.ORG = {
kdc = kerberos.1ts.org
admin_server = kerberos.1ts.org
}
GRATUITOUS.ORG = {
kdc = kerberos.gratuitous.org
admin_server = kerberos.gratuitous.org
}
DOOMCOM.ORG = {
kdc = kerberos.doomcom.org
admin_server = kerberos.doomcom.org
}
[domain_realm]
.TESTDOM.LOCAL = TESTDOM.LOCAL
TESTDOM.LOCAL = TESTDOM.LOCAL
.kerberos.server = dc.testdom.local
[login]
krb4_convert = true
krb4_get_tickets = true
ich bin dabei meinen Debian-Linux Rechner in AD zu integrieren. Hat bis jetzt auch gut funktioniert dank einer Beschreibung im Netz. Aber jetzt habe ich ein Problem. Ich soll mit kinit ein Ticket beim DC abholen, aber dabei tritt das Problem hier auf:
RSL4:/kinit administrator
Password für administrator@testdom.local:
kinit(v5): KDC has no support for encryption type while getting initial credentials
Kann mir da jemand helfen?
Danke
Gruß
Patrick
PS. Hier noch die krb5.conf
[libdefaults]
default_realm = TESTDOCM.LOCAL
# The following krb5.conf variables are only for MIT Kerberos.
default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
permitted_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
krb4_config = /etc/krb.conf
krb4_realms = /etc/krb.realms
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
# The following libdefaults parameters are only for Heimdal Kerberos.
v4_instance_resolve = false
v4_name_convert = {
host = {
rcmd = host
ftp = ftp
}
plain = {
something = something-else
}
}
[realms]
ROSLER.COM = {
kdc = dc.testdom.local
admin_server = dc.testdom.local
}
ATHENA.MIT.EDU = {
kdc = kerberos.mit.edu:88
kdc = kerberos-1.mit.edu:88
kdc = kerberos-2.mit.edu:88
kdc = kerberos-3.mit.edu:88
admin_server = kerberos.mit.edu
default_domain = mit.edu
}
MEDIA-LAB.MIT.EDU = {
kdc = kerberos.media.mit.edu
admin_server = kerberos.media.mit.edu
}
ZONE.MIT.EDU = {
kdc = casio.mit.edu
kdc = seiko.mit.edu
admin_server = casio.mit.edu
}
MOOF.MIT.EDU = {
kdc = three-headed-dogcow.mit.edu:88
kdc = three-headed-dogcow-1.mit.edu:88
admin_server = three-headed-dogcow.mit.edu
}
CYGNUS.COM = {
kdc = KERBEROS.CYGNUS.COM
kdc = KERBEROS-1.CYGNUS.COM
admin_server = KERBEROS.CYGNUS.COM
}
GREY17.ORG = {
kdc = kerberos.grey17.org
admin_server = kerberos.grey17.org
}
IHTFP.ORG = {
kdc = kerberos.ihtfp.org
admin_server = kerberos.ihtfp.org
}
GNU.ORG = {
kdc = kerberos.gnu.org
kdc = kerberos-2.gnu.org
kdc = kerberos-3.gnu.org
admin_server = kerberos.gnu.org
}
1TS.ORG = {
kdc = kerberos.1ts.org
admin_server = kerberos.1ts.org
}
GRATUITOUS.ORG = {
kdc = kerberos.gratuitous.org
admin_server = kerberos.gratuitous.org
}
DOOMCOM.ORG = {
kdc = kerberos.doomcom.org
admin_server = kerberos.doomcom.org
}
[domain_realm]
.TESTDOM.LOCAL = TESTDOM.LOCAL
TESTDOM.LOCAL = TESTDOM.LOCAL
.kerberos.server = dc.testdom.local
[login]
krb4_convert = true
krb4_get_tickets = true