f



Key table entry not found #3

Hi the list,

I have two servers. One hosting a kerberos master and ldap master (server.lan) , one other hosting a kerberos slave  and ldap replica (replica.lan). Kerberos is used by ldap for authentication SASL/GSSAPI.

The kerberos realm is SERVER.LAN. All was running. But since some time, i get error messages with ldapsearch command. With the debug activated, i get the following message of ldapsearch:


server:~ admin$ldapsearch -d 1 -b cn=mounts,dc=server,dc=lan
....
res_errno: 80, res_error:<SASL(-1): generic failure: GSSAPI
     Error: Unspecified GSS failure.  Minor code may provide more
     information (Key table entry not found)>, res_matched:<>

....

(Remark : As information i provide the entire debug at the end of this 
message)

Because of the message "keytable entry not found", i tried to use kadmin 
and check if principle with root exists. But by using kadmin i get now 
this message :

server:~ admin$ kadmin -proot@SERVER.LAN
Couldn't open log file /var/log/krb5kdc/kadmin.log: Permission denied
Authenticating as principalroot@SERVER.LAN  with password.
Password forroot@SERVER.LAN:
kadmin: Communication failure with server while initializing kadmin interface
server:~ admin$

I check the logfile owner, group owner, and permission. Then i compared with one other kerberos server. Permission and owner was different. I set permission identically. But nothing was changed.

With kadmin.local i checked androot@SERVER.LAN  exists in the list.


Logged on the replica server, i can use ldapsearch normaly.


How to debug the kerberos ?

Regards,


PS :
server:~ admin$ kinit root
Please enter the password for root@SERVER.LAN:
server:~ admin$ klist
Kerberos 5 ticket cache: 'API:Initial default ccache'
Default principal: root@SERVER.LAN

Valid Starting     Expires            Service Principal
07/07/11 17:50:19  07/08/11 03:50:09 krbtgt/SERVER.LAN@SERVER.LAN
     renew until 07/14/11 17:50:19


server:~ admin$ ldapsearch -d 1 -b cn=mounts,dc=server,dc=lan
ldap_create
ldap_pvt_sasl_getmech
ldap_search
put_filter: "(objectclass=*)"
put_filter: simple
put_simple_filter: "objectclass=*"
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP localhost:389
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying ::1 389
ldap_pvt_connect: fd: 3 tm: -1 async: 0
ldap_open_defconn: successful
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_scanf fmt ({) ber:
ber_flush2: 64 bytes to sd 3
ldap_result ld 0x100117f70 msgid 1
ldap_chkResponseList ld 0x100117f70 msgid 1 all 1
ldap_chkResponseList returns ld 0x100117f70 NULL
wait4msg ld 0x100117f70 msgid 1 (infinite timeout)
wait4msg continue ld 0x100117f70 msgid 1 all 1
** ld 0x100117f70 Connections:
* host: localhost  port: 389  (default)
   refcnt: 2  status: Connected
   last used: Thu Jul  7 17:51:40 2011


** ld 0x100117f70 Outstanding Requests:
  * msgid 1,  origid 1, status InProgress
    outstanding referrals 0, parent count 0
   ld 0x100117f70 request count 1 (abandoned 0)
** ld 0x100117f70 Red-Black Tree Response Queue:
    Empty
   ld 0x100117f70 response count 1
ldap_chkResponseList ld 0x100117f70 msgid 1 all 1
ldap_chkResponseList returns ld 0x100117f70 NULL
ldap_int_select
read1msg: ld 0x100117f70 msgid 1 all 1
ber_get_next
ber_get_next: tag 0x30 len 56 contents:
read1msg: ld 0x100117f70 msgid 1 message type search-entry
wait4msg continue ld 0x100117f70 msgid 1 all 1
** ld 0x100117f70 Connections:
* host: localhost  port: 389  (default)
   refcnt: 2  status: Connected
   last used: Thu Jul  7 17:51:40 2011


** ld 0x100117f70 Outstanding Requests:
  * msgid 1,  origid 1, status InProgress
    outstanding referrals 0, parent count 0
   ld 0x100117f70 request count 1 (abandoned 0)
** ld 0x100117f70 Red-Black Tree Response Queue:
  * msgid 1,  type 100
   ld 0x100117f70 response count 1
ldap_chkResponseList ld 0x100117f70 msgid 1 all 1
ldap_chkResponseList returns ld 0x100117f70 NULL
ldap_int_select
read1msg: ld 0x100117f70 msgid 1 all 1
ber_get_next
ber_get_next: tag 0x30 len 12 contents:
read1msg: ld 0x100117f70 msgid 1 message type search-result
ber_scanf fmt ({eAA) ber:
read1msg: ld 0x100117f70 0 new referrals
read1msg:  mark request completed, ld 0x100117f70 msgid 1
request done: ld 0x100117f70 msgid 1
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 1, msgid 1)
ldap_free_connection 0 1
ldap_free_connection: refcnt 1
adding response ld 0x100117f70 msgid 1 type 101:
ldap_parse_result
ber_scanf fmt ({iAA) ber:
ber_scanf fmt (}) ber:
ldap_get_values
ber_scanf fmt ({x{{a) ber:
ber_scanf fmt ([v]) ber:
ldap_msgfree
ldap_sasl_interactive_bind_s: server supports: CRAM-MD5 GSSAPI
ldap_int_sasl_bind: CRAM-MD5 GSSAPI
ldap_int_sasl_open: host=server.lan
SASL/GSSAPI authentication started
ldap_sasl_bind_s
ldap_sasl_bind
ldap_send_initial_request
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_scanf fmt ({i) ber:
ber_flush2: 703 bytes to sd 3
ldap_result ld 0x100117f70 msgid 2
ldap_chkResponseList ld 0x100117f70 msgid 2 all 1
ldap_chkResponseList returns ld 0x100117f70 NULL
wait4msg ld 0x100117f70 msgid 2 (infinite timeout)
wait4msg continue ld 0x100117f70 msgid 2 all 1
** ld 0x100117f70 Connections:
* host: localhost  port: 389  (default)
   refcnt: 2  status: Connected
   last used: Thu Jul  7 17:51:40 2011


** ld 0x100117f70 Outstanding Requests:
  * msgid 2,  origid 2, status InProgress
    outstanding referrals 0, parent count 0
   ld 0x100117f70 request count 1 (abandoned 0)
** ld 0x100117f70 Red-Black Tree Response Queue:
    Empty
   ld 0x100117f70 response count 1
ldap_chkResponseList ld 0x100117f70 msgid 2 all 1
ldap_chkResponseList returns ld 0x100117f70 NULL
ldap_int_select
read1msg: ld 0x100117f70 msgid 2 all 1
ber_get_next
ber_get_next: tag 0x30 len 148 contents:
read1msg: ld 0x100117f70 msgid 2 message type bind
ber_scanf fmt ({eAA) ber:
read1msg: ld 0x100117f70 0 new referrals
read1msg:  mark request completed, ld 0x100117f70 msgid 2
request done: ld 0x100117f70 msgid 2
res_errno: 80, res_error: <SASL(-1): generic failure: GSSAPI Error: 
Unspecified GSS failure.  Minor code may provide more information (Key 
table entry not found)>, res_matched: <>
ldap_free_request (origid 2, msgid 2)
ldap_free_connection 0 1
ldap_free_connection: refcnt 1
ldap_parse_sasl_bind_result
ber_scanf fmt ({eAA) ber:
ldap_parse_result
ber_scanf fmt ({iAA) ber:
ber_scanf fmt (}) ber:
ldap_msgfree
ldap_err2string
ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) 
error (80)
server:~ admin$ klist
Kerberos 5 ticket cache: 'API:Initial default ccache'
Default principal: root@SERVER.LAN

Valid Starting     Expires            Service Principal
07/07/11 17:50:19  07/08/11 03:50:09 krbtgt/SERVER.LAN@SERVER.LAN
     renew until 07/14/11 17:50:19

07/07/11 17:51:40  07/08/11 03:50:09 ldap/SERVER.LAN@SERVER.LAN
     renew until 07/14/11 17:50:19



-- 
*Fabien COMBERNOUS*
/unix system engineer/
www.kezia.com <http://www.kezia.com/>
*Tel: +33 (0) 467 992 986*
Kezia Group
0
7/8/2011 10:08:03 AM
comp.protocols.kerberos 5541 articles. 1 followers. jwinius (31) is leader. Post Follow

0 Replies
700 Views

Similar Articles

[PageSpeed] 19

Reply:

Similar Artilces:

kerberos and Windows 2008R2
Hello Kerberos List, I'm trying to set a Kerberos ticket between a Unix and a Windows 2008 R2 se= rver. I've created a user on windows and used the ktpass to generate the Kerberos= keytab: C:\Windows\System32\ktpass princ host/jc1lqaldap.testdomain.com@TESTDOMAIN.= COM mapuser TESTDOMAIN\host_jc1lqaldap -crypto DES-CBC-MD5 -pass * -ptype K= RB5_NT_PRINCIPAL out c:\nis_data\host_jc1lqaldap.keytab I did make sure that "User Kerberos DES encryption types for this account" = was checked. First I was getting: root@jc1lqaldap:/etc# kinit -V -k -t /etc/krb5.keytab -c /tmp/krb5cc_0 host= /jc1lqaldap.testdomain.com kinit: KDC has no support for encryption type while getting initial credent= ials So I've checked "Do not require Kerberos preauthentication" and I get: root@jc1lqaldap:/etc# kinit -V -k -t /etc/krb5.keytab -c /tmp/krb5cc_0 host= /jc1lqaldap.testdomain.com kinit: Key table entry not found while getting initial credentials Where should that key table entry be located ? I cannot go forward with this. Is there a way to get more verbose logging s= o I can troubleshoot this. Klist root@jc1lqaldap:/etc# klist -ke -t /etc/krb5.keytab Keytab name: WRFILE:/etc/krb5.keytab KVNO Timestamp Principal ---- ----------------- ----------------------------------------------------= ---- 12 12/31/69 19:00:00 host/jc1lqaldap.testdomain.com@TESTDOMAIN.COM (DES c= bc mode with RSA-MD5) Cat /etc/krb5.conf [logging] default =3D FILE...

Problem with kerberos working correct due to 2 Domains gss_accept_sec_context() failed: Unspecified GSS failure. Minor code may provide more information (, Key table entry not found)
Hi guys, I'm working about 3 days at this problem and I can't fix it and now I have no more ideas: Customers environment: Windowsdomain with DC where all Users are: contoso.local Sless11 for Webapplication is in a domain: contoso.lan (this is not a Windowsdomain - just the server is configured for this And thats the problem. I don't know - how to manage these two domains. URL to access to the Webapplication is: When I now try to access from a Windowsmachine wich is in the Domain contoso.local at URL http://sless11.contoso.lan/webapp there comes a 401 from the apach...

Key table entry not found
Hello, I'm setting up a test KDC running on Solaris 9. The version I'm running is 5.1.3.1. I have successfully installed and setup my KDC server. I have tested it out on RH9 and everything is working there, as in being authenticated and such. I'm now trying to get kerberos authentication to work on another Solaris 9 box. But am running into problems. On the Solaris 9 box I have modified the pam.conf file to kerberos, copied the krb5.conf file from my kdc and ran kadmin as follows kadmin - admin/admin : ktadd host/machine_name.domain : quit When I t...

key table entry not found #2
Hello , I have Virtual Network configured to use Kerberos authentication.The setup is as follows: Windows Server 2008 Standard SP2 (DC,DNS) (FQDN) labserver.lab.com; Debian Linux 5.0(lenny) (WebServer-Apache) (FQDN) debian.lab.com; Windows XP Prof. (client) (FQDN) zdravko.lab.com; They are in the DNS lookup zone.I create one test user account for accessing the client machine under given domain(lab.com).The user name is "achimtest1" and its password never expires,and it's not going to be prompted for changing.After that I create one "dummy" user which will be used for SPN(service principal name mapping to it).It's called "http-test" and the same flags are used as in "achimtest1" user + one more:"This account supports AES 256 bit encryption".I continued with creating the keytab file: c:\>ktpass /princ HTTP/debian.lab.com@LAB.COM /mapuser http-test@lab.com/pass Debian26 /crypto AES256-SHA1 /ptype KRB5_NT_SRV_HST /out http-test.keytab the keytab is successfully created and I have checked it with the following command:c:\>setspn -L http-test->I have the service principal name:HTTP/ debian.lab.com registered to it.I copy the "http-test.keytab" file via pscp to the Debian box in /etc/apache2/keytab/ directory.In /etc/hosts file in Debian I've deleted "127.0.0.1" line and replaced it with:"192.168.100.103 debian.lab.com debian";192.168.100.103 is the linux box's IP. In /etc/resolf...

gss-server: Key table entry not found
Hi, I cannot get gss-server worked. I have tried adding (using addprinc and ktadd) different combinations of name/host (klist -k confirms the successful addition) but still getting the same error: key table entry not found. Can you please tell me what entry it is looking for and how to resolve the problem? If you need any information about my system in order to help, kindly let me know. Thanks in advance. Regards, David. ...

Key table entry not found-this time with Heimdal
Hello, this is the same setup like in my previous post from this month,but this time I'm using heimdal-clients.I have removed all of the MIT packages that I have installed: krb5-user,krb5-clients. I have Virtual Network configured to use Kerberos authentication.The setup is as follows: Windows Server 2008 Standard SP2 (DC,DNS) (FQDN) labserver.lab.com; Debian Linux 5.0(lenny) (WebServer-Apache) (FQDN) debian.lab.com; Windows XP Prof. (client) (FQDN) zdravko.lab.com; [Windows Server 2008 Settings] They are in the DNS lookup zone.I create one test user account for accessing the client machine under given domain(lab.com).The user name is "zdravko1" and its password never expires,and it's not going to be prompted for changing.After that I create one "dummy" user which will be used for SPN(service principal name mapping to it).It's called "http" and the same flags are used as in "zdravko1": -User cannot change password; -Password never expires; -This account supports AES 256 bit encryption; I continued with creating the keytab file: c:\>ktpass /princ HTTP/debian.lab.com@LAB.COM <http://lab.com/> /mapuser http@LAB.COM /pass Debian26 /crypto AES256-SHA1 /ptype KRB5_NT_PRINCIPAL /out http.keytab Keytab version: 0x502 keysize 78 HTTP/debian.lab.com@LAB.COM <http://lab.com/> ptype 1 (KRB5_NT_PRINCIPAL) vno 3 etype 0x12 (AES256-SHA1) keylength 32 (0x......) The keytab is successfully created and I have checke...

kinit: Key table entry not found while getting initial credentials
Hi Kerberos experts, could anyone help me in addressing this issue since I am a T-O-T-A-L newbie in Kerberos. I have to retrieve kerberos credential in Solaris 5.8 (SEAM 1.0.1) using a windows2003 Active Directory as KDC, and I am compelled to use the credential of a user different from Solaris' user. Let's say I work with user appadm on Solaris and user domuser@resource.corp in AD. AD administrator generated a keytab for my Solaris user in this way: Ktpass -princ kerberos/domuser.resource.corp@RESOURCE.CORP -mapuser domuser -pass [passwd of domuser] -out domuser.keytab and gave me the domuser.keytab file. I configured krb5.conf and stored the content of this keytab file in /etc/krb5/krb5.keytab via ktutil: ktutil: rkt domuser.keytab ktutil: l slot KVNO Principal ---- ---- -------------------------------------------------------------------------- 1 4 kerberos/domuser.resource.corp@RESOURCE.CORP ktutil: wkt /etc/krb5/krb5.keytab ktutil: q Now I think my krb5.conf is correct since I am able to get a TGT via kinit in this way: kinit kerberos/domuser.resource.corp@RESOURCE.CORP then I enter domuser's password and with klist I can see the TGT. But I need to obtain the credentials without entering a password since the kinit command has to be put in the startup script of an application. So I tried this: appadm 99% kinit -k kerberos/domuser.resource.corp@RESOURCE.CORP kinit: Key table entry not found while getting initial credentials :-S ...nothing us...

kprop: Key table entry not found while getting initial ticket
I try to take good notes so that I can reproduce my problems and successes. This week is the first time I have ever touched kerberos. I am using Red Hat ES3 and the default rpms. The short of it: kdb5_util dump /var/kerberos/krb5kdc/dump kprop -f /var/kerberos/krb5kdc/dump mail.eamc.net kprop: Key table entry not found while getting initial ticket Now what? My guess is that I am not asking for the correct ticket for kpropd. A normal inetd.conf entry would be: krb5_prop stream tcp nowait root /usr/kerberos/sbin/kpropd kpropd My thinking is that the second kpropd is my principal. Howeve...

aklog:Key table entry not found while getting AFS tickets
I an trying to automatically obtain the AFS tokens upon login on a Mac 10.2.6 system. I have successfully configured the kerberos v5 and the OpenAFS 1.2.10 clients. I can login with kerberos and successfully verify its ticket with the klist command. I can also execute klog, obtain an AFS token and sucessfully access my AFS space. However, if I login with kerberos and try to execute "aklog", I receive the following messages: aklog: Couldn't get asu.edu AFS tickets: aklog:Key table entry not found while getting AFS tickets Any ideas on how to resolve this problem? Thanks! Jame...

ssh gssapi-with-mic and "Key table entry not found"
Hi, I'm trying to get ssh working using gssapi-with-mic authentication. I have about 40 machines running CentOS 5.7. (My bigger goal is to use NFSv4 mounts with "krb5p" security. All these machines mount the same NFSv4 share (think home directories) so my users need to be able to forward their TGT around.) What I'm ultimately running into is sshd complaining "Key table entry not found" on *most* of the servers---a random handful work, and I can't figure out how the working ones are different. So, here's an example: I'm trying to ssh from "lnxsvr3" to "lnxsvr11" using gssapi-with-mic authentication. Here's the output of trying to ssh: [matt@lnxsvr3 ~]$ ssh -v -o"PreferredAuthentications gssapi-with-mic" lnxsvr11 OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to lnxsvr11 [192.168.187.67] port 22. debug1: Connection established. debug1: identity file /mnt/home/matt/.ssh/identity type -1 debug1: identity file /mnt/home/matt/.ssh/id_rsa type 1 debug1: identity file /mnt/home/matt/.ssh/id_dsa type -1 debug1: loaded 3 keys debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3 debug1: match: OpenSSH_4.3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version st...

kinit: Key table entry not found while getting initial credentials #2
Hello newsgroup, We followed the instructions on http://grolmsnet.de/kerbtut/ kinit -k -t /etc/apache2/httpotrskeytab OTRS/ server.test.local@TEST.LOCAL produces the following error: kinit: Key table entry not found while getting initial credentials we are using mit kerberos 1.9.1 on sles10 we created the keytabfile on windows 2008 r2 server with the following command: ktpass -princ OTRS/server.test.local@TEST.LOCAL -mapuser httpotrs@TEST.LOCAL -crypto RC4-HMAC-NT -ptype KRB5_NT_PRINCIPAL -pass secretpassword -out c:\temp\httpotrskeytab we copied the file to the linux server to /etc/apache2 directory manual ticket creation works fine: server:/ # kinit OTRS/server.test.local Password for OTRS/server.test.local@TEST.LOCAL: server:/ # klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: OTRS/server.test.local@TEST.LOCAL Valid starting Expires Service principal 06/07/11 13:40:15 06/07/11 23:40:15 krbtgt/TEST.LOCAL@TEST.LOCAL renew until 06/08/11 13:40:15 server:/ # kvno OTRS/server.test.local@TEST.LOCAL OTRS/server.test.local@TEST.LOCAL: kvno =3D 11 any ideas what went wrong with our installation? G=FCnter g� <guenter.huerkamp@gmail.com> writes: > Hello newsgroup, > > We followed the instructions on http://grolmsnet.de/kerbtut/ > > > kinit -k -t /etc/apache2/httpotrskeytab OTRS/ > server.test.local@TEST.LOCAL > produces the following error: > kinit: Key table entry not found while getting initial credenti...

"Key table entry not found while verifying ticket for server"
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig07FDE7C699B5FF20AD258797 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Just added a new system tonight to our Kerberos realm, and was getting the following error when ksu'ing: "ksu: Key table entry not found while verifying ticket for server" Tried Googling for the error to no avail; what is the meaning of this error and how do I clear it? Best Wishes - Peter --=20 Peter_Losher@isc.org | ISC | OpenPGP 0xE8048D08 | "The bits must flow" --------------enig07FDE7C699B5FF20AD258797 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (Darwin) iD8DBQFGtXWzPtVx9OgEjQgRAve6AJ97hWoo/FDyvCC27oHOamy1UiN6TQCfbcjm 8b550EYBPn8jKX8rHMDtmME= =znqF -----END PGP SIGNATURE----- --------------enig07FDE7C699B5FF20AD258797-- ...

Re: How to update one table with info found in another table #3
You could use SQL, although the format way is far better, although needs more work. proc sql; create table table3 as select a.*, b._name_ as holiday_name from table1 as a left join table2 as b on (a.date=b.col1 or a.date=b.col2 or a.date=b.col3) ; quit; This is untested code. if you reshape Table2, as already recommended, then the above code can be simplified to proc sql; create table table3 as select a.*, b._name_ as holiday_name from table1 as a left join table2 as b on (a.date=b.col1) ; quit; HTH Tom On Mon, 17 Dec 2007 22:55:19 -0500, Howard Schreier <hs AT d...

Client not found in Kerberos database #3
Hi, I have an Intel xseve 10.4.9 server bound to AD and also have OD configured on the same server for Mac management. Other services running are AFP and WINDOWS. I will also be using the same server as a file server for both Mac and Windows. Below are my issues. When the WINDOWS service starts on our Intel Xserve with 10.4.9 installed I receive the below error message. I have tested single sign on "SSO" from Mac and Windows systems and everything seems to work, but am concerned that this error may cause an issue at a later date. I also have an issue with windows users suddenly not being able to connect to a share on the Intel Xserve via SMB which is strange as the same user on a Mac could still connect via AFP or SMB a restart of the WINDOWS service seems to clear this problem, not sure if this is related to the below error but it's a real issue and seems to be very random. When this happen I seem to receive "broken pipe" errors in the "smbd.conf" log. I checked the "secrets.tdb" and found that this did not have the "\00" on the end of the "SECRETS/MACHINE_PASSWORD/", so I ran the script at "afp548" site under forum "10.4.8 Intel - AD, Samba kerberos machine password" which added the "\00". The strange thing is that all seemed to still work even thought the "secrets.tdb" was not correct, perhaps this could be the cause of the SMB dropouts? Below is from the SMBD.LOG...

Multiple Foreign Keys on Same Table #3
Hi, I have an Orders Table that has Employee1 and Employee2 (one is the sales rep the other is the telemarketing rep) Both of these fields need to cascade update against the Employees table. I can't seem to create the desired relationship in a Diagram and I'm not sure how best to set this up. Any ideas? Thanks in advance... Hi, look here: http://support.microsoft.com/kb/321843 Perhaps you might have a look on triggers. HTH, Jens Suessmeyer. --- http://www.sqlserver2005.de --- ...

BUG #1055: no keys in inherited table with primary key when inserting into inheriting table
The following bug has been logged online: Bug reference: 1055 Logged by: Agri Email address: agri@desnol.ru PostgreSQL version: 7.4 Operating system: PC-linux-gnu Description: no keys in inherited table with primary key when inserting into inheriting table Details: let me desribe a bug in the term of sql commands: create table first (id int primary key ); create table second (f2 int) inherits (first); create table third (ref_id int); alter table third add constraint third_ref_first foreign key (ref_id) references first; insert int...

Server not found in Kerberos database #3
This is a multi-part message in MIME format. --------------010801060200000807020407 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit hello list, we want to use kerberos for authentication and to secure connections for telnet sessions. so i installed kerberos v5 for the debian system via apt-get and did the configuration. attached are the configs for this system. kinit works for a user, but the start of a telnet session is refused with the message "Authentication failed". i used the command "kinit stefan" and "telnet.krb5 -a -F vxr-r.imos.net." "vxr-r.imos.net" is the cisco router i want to connect to. when i look into the logs i see the following messages: Nov 11 09:49:28 alpha krb5kdc[8745](info): AS_REQ (1 etypes {1}) 192.168.3.3(16417): NEEDED_PREAUTH: stefan@IMOS.NET for krbtgt/IMOS.NET@IMOS.NET, Additional pre-authentication required Nov 11 09:49:30 alpha krb5kdc[8745](info): AS_REQ (1 etypes {1}) 192.168.3.3(16417): ISSUE: authtime 1100162970, etypes {rep=1 tkt=16 ses=1}, stefan@IMOS.NET for krbtgt/IMOS.NET@IMOS.NET Nov 11 09:49:33 alpha krb5kdc[8745](info): TGS_REQ (1 etypes {1}) 192.168.3.3(16417): UNKNOWN_SERVER: authtime 1100162970, stefan@IMOS.NET for host/vxr-r.imos.net@IMOS.NET, Server not found in Kerberos database Nov 11 09:49:33 alpha krb5kdc[8745](info): TGS_REQ (1 etypes {1}) 192.168.3.3(16417): UNKNOWN_SERVER: authtime 1100162970, stefan@IMOS.NET for host/vxr...

Tying up Port Login table entries with Port Table Entries in CISCO SNMP
In a monitoring app I am writing I plan on using SNMP to obtain for each port on an MDS9000 CISCO switch the remote host WWN and remote port WWN, with the aim of producing a table as follows: Port Port Remote Remote No WWN Host WWN Port WWN 1 a.b.c d.e.f g.h.i 2 j.k.l - - <-- not connected 3 m.n.o p.q.r s.t.u ::::::::::::::::::::::::::::: I _thought_ this information could be obtained by referring to a couple of tables in CISCO-FC-FE-MIB: * The Port table, which is .1.3.6.1.4...

Why isn't table A always key-preserved if equijoined to the key of table B?
Hi, It seems to me table A should always be key-preserved if equijoined to the key of table B, but Oracle seems to disagree. Example: SQL> create table jvd_t1 (c1 number, c2 number,c3 number); Table created. SQL> create table jvd_t2 (d1 number, d2 number); Table created. SQL> alter table jvd_t2 add primary key (d1); Table altered. *********** the following update works: SQL> update (select t1.*,t2.* 2 from jvd_t1 t1,jvd_t2 t2 3 where c1 = d1 ) 4 set c2=d2; 0 rows updated. ******* but this update does not: SQL> update (select t1.*,t2.* 2 from jvd_t1 t1,jvd_...

Member Key found in Fact Table but not in Dimension
I have a problem with the data in my Cubes in Analsyis Services. When I try to process the cubes I get the following error: "A member with key 'XXX' was found in the fact table but was not found in the level 'XXX' of the dimension 'XXX'" I have narrowed it down to the way the data is entered into the Relational Database Table for example instead of typing 'Inventory' the word is '=CCnventory' (this is due to hitting the apostrophe key before typing in the word) Has anyone come across this problem? Has anyone been able to solve it? Please adv...

TABLES TABLES TABLES
How would you best describe to a retiscent SAS student that the concept of TABLES isn't limited to SQL? This came up during a discussion on table lookup methods - and lookup tables in particular (I mean, lookup tables pre- date SQL). Even SAS data sets are referred to as tables. This made the student apoplectic. Words of wisdom most welcome!!! Thanks, Howard sasbum@AOL.COM wrote: >How would you best describe to a retiscent SAS student that the concept of >TABLES isn't limited to SQL? This came up during a discussion on table >lookup methods - and lookup tables in partic...

GLIBC_2.3.3 not found
I have 2 pgms compiled/linked on linux RH 9. Both are then moved to a embedded linux (MontaVista). One of them runs fine; the other gives me the error "./qdstst1: /lib/libc.so.6: version `GLIBC_2.3.3' not found (required by ./qdstst1)". Each uses the same g++ and libs for the make. I include libraries -lpthread and -lz on both pgms. ldd output is here for the one that works: libpthread.so.0 => /lib/libpthread.so.0 (0x4004d000) libz.so.1 => /usr/lib/libz.so.1 (0x4009e000) libstdc++.so.5 => /usr/lib/libstdc++.so.5 (0x400ac000) libm.so.6 => /l...

Re: catch key stroke before displaying in an entry #3
Thomas Kaiser <thomas@kaiser.linux-site.net> writes: >Hello List > >I have an application with a main window an several Entry's (input >boxes). I would like to check the pressed key before it is displaied in >the selected entry or even if no entry is selected (main window >selected). I need this to determine if the input is comming from the >keyboard or from a barcode scanner which is connected together with the >keyboard (and acts like a keyboard, I can add some post chars for the >barcode reader). > >I tried to "bind" the ...

RE: Server not found in Kerberos database error on ldapsearch #3
Ok, I got it now! I set up the AD server to run as ad.example.com and replaced the ip's in my krb5.conf with dns names and now it works! Thank you very much for your help. Still, if you have any howto on this topic (AD and UNIX), I would apreciate if you could send me a link to it. Evgeniy Zhaovsky (aka Jeck) ----------------- Evgeniy Zharovsky Ludwig-Maximilians-Universitaet Ref. IIIA5 (Sicherheitstechnik und Verzeichnisdienste) Martiusstr. 4 / 207 80539 Muenchen email mailto:evgeniy.zharovsky@verwaltung.uni-muenchen.de ...

Web resources about - Key table entry not found #3 - comp.protocols.kerberos

Table tennis - Wikipedia, the free encyclopedia
Table tennis , also known as ping-pong , is a sport in which two or four players hit a lightweight, hollow ball back and forth using table tennis ...

Premier League: Leicester City go five points clear on table after Watford win
​Leicester City took advantage of a draw between challengers Tottenham and Arsenal on Saturday to open up a five-point lead at the top of the ...

Has the mystery of the broken marble table finally been solved?
... the saga in her new book, has solved one of Canberra's best kept secrets. Has the mystery of the culprit behind the broken marble table finally ...

Has the mystery of the broken marble table finally been solved?
... new book, has solved one of Canberra's best kept secrets. The former treasurer was apparently the one who hopped onto the Italian marble table ...

'America's Got Talent': Simon Cowell Takes A Seat At The Judges Table
"America's Got Talent" creator and executive producer Simon Cowell is taking a seat at the judges table alongside Heidi Klum, Howie Mandel and ...

An AnandTech Round Table with ASUS: 10 Years of the Republic of Gamers
... Rajinder 'Raja' Gill Technical PR Manager, ASUS USA AnandTech Motherboard Senior Editor 2008-2010 Ian Cutress 10 Years of ROG Round Table ...

Lithuanian Designer Launches Standing App For His Funky Table
... at the office. His back started to hurt and his productivity seemed to decrease. "That was the time when I started my hunt for a suitable standing ...

Table for one: How to play board games without a group
From solo games to apps and virtual tabletops, there's a world of options.

Erin Andrews video was played at Marriott ownership rep’s table at Nashville restaurant
... hit outside the courtroom Wednesday, when West End Hotel Partners representative Neal Peskind admitted to being present at a restaurant table ...

How to Make a Paris-Inspired Gold Leaf Table
... with the Paris Hamper . Then with the Vintage Rooster French Commode . And now with my latest makeover, this Paris-Inspired Gold Leaf Table… ...

Resources last updated: 3/10/2016 1:32:25 PM