Is there a command to find out the key versions that it is saying are incorrect between server and client? Doesn't appear it's an issue with KVNO numbers because sometimes logins don't work (when I see the error above) even if KVNO's match or don't match between servers and client. Any help would be appreciated.
Client (RHEL) I've set the keytabs to KVNO = 5 for each of the 3 keytabs so they 'should' match but I still get the above error and hence Access Denied. If I don't specify -kvno 5 the system picks what appear to be next numbers in line like 29,30,31 etc
Thanks,
Dev
Last edited by Devyn; 09-04-2015 at 12:11 PM..
Reason: Use code tags
I have AD (active directory) user, "asdf", created and a matching local AIX user name. Using "kinit", I can successfully authenticate it against the MS AD but when they I try to login via SSH with the same user name, it doesn't work. How can I get AIX to allow kerberos authentication as a valid... (1 Reply)
Can anybody please help me on how to code for the below requirement:
I need to write a shell script (on different unix server) to copy files from multiple folders (ex. BRN-000001) from one windows server (\\boldls-mwe-dev4)to a different windows server(\\rrwin-ewhd04.ecomad.int). This shell... (4 Replies)
I have a value in a file i am processing that has a date like "2012-Jun-13"
how can I convert a date like that 2012-06-13?
Am I stuck building an array of three digit months and corresponding numbers and running through the logic of figuring out the number??
or can I convert this with... (1 Reply)
Hi I have a problem with Date format in my code.
1st I am trying to convert today's date to yesterday's using
YESTERDAY3=`perl -e '@y=localtime(time()-86400); printf "%04d/%02d/%02d",$y+1900,$y+1,$y;$y;'`
And once it is done I am trying to using the yesterday date in a grep command to... (3 Replies)
I have added two new sports events.
The FIFA Ballon d'Or is an association football award given annually to the player who is considered to have performed the best in the previous season. It is awarded based on votes by coaches and captains of international teams, as well as journalists from... (0 Replies)
hi ,
Im configuring web site with authencation to a folder but the authentication is not happening.
below is the conf file of /etc/httpd/conf/httpd.conf
<VirtualHost 192.168.1.4:80>
DocumentRoot /var/www/html/
ServerName redhatclient.example.com
<directory... (0 Replies)
Hi,
How can we share a AIX drive on to Windows 2012 server. or vise versa.
Note: Not using NFS/CIFS/samba. (*we are not able to use samba/NFS/CIFS for some reason)
Requirement: How to have real time file sharing over the network between Windows and UNIX
Do you guys have any ... (4 Replies)
Hi all,
I have installed samba 3.6.22 on AIX 7.1 and join a windows AD with success.
All seem to work fine, I have configured smb.conf, methods.cfg, kerberos, user .... the following command work fine wbinfo -u, wbinfo -g, wbinfo -i, wbinfo -s, wbinfo -S, lsuser, id...
The unique... (20 Replies)
how to find out line count ( wc -l ) for multiple fines in windows cmd
the command which i a using to find line count for single file is
type sec0001.txt | find /c /v ""
but how to use it for multiple files
to get output filewise as if this command is run like
type sec*.txt |... (2 Replies)
Gentleman,
i am trying to setup Authentication for my Solaris 11 Server through Active Directory (Server 2012 R2).
At least some things are already working, for example a getent passwd mydomainuser and ldapsearch command comes back with a correct result. So not everything i did was wrong.
... (1 Reply)
Discussion started by: bahnhasser83
1 Replies
LEARN ABOUT OPENSOLARIS
ktutil
ktutil(1) User Commands ktutil(1)NAME
ktutil - Kerberos keytab maintenance utility
SYNOPSIS
/usr/bin/ktutil
DESCRIPTION
The ktutil command is an interactive command-line interface utility for managing the keylist in keytab files. You must read in a keytab's
keylist before you can manage it. Also, the user running the ktutil command must have read/write permissions on the keytab. For example,
if a keytab is owned by root, which it typically is, ktutil must be run as root to have the appropriate permissions.
COMMANDS
clear_list Clears the current keylist.
clear
read_kt file Reads a keytab into the current keylist. You must specify a keytab file to read.
rkt file
write_kt file Writes the current keylist to a keytab file. You must specify a keytab file to write. If the keytab file already
wkt file exists, the current keylist is appended to the existing keytab file.
add_entry number Adds an entry to the current keylist. Specify the entry by the keylist slot number.
addent number
delete_entry number Deletes an entry from the current keylist. Specify the entry by the keylist slot number.
delent number
list Lists the current keylist.
l
list_request Lists available requests (commands).
lr
quit Exits utility.
exit
q
EXAMPLES
Example 1 Deleting a principal from a file
The following example deletes the host/denver@ACME.com principal from the /etc/krb5/krb5.keytab file. Notice that if you want to delete an
entry from an existing keytab, you must first write the keylist to a temporary keytab and then overwrite the existing keytab with the tem-
porary keytab. This is because the wkt command actually appends the current keylist to an existing keytab, so you can't use it to overwrite
a keytab.
example# /usr/krb5/bin/ktutil
ktutil: rkt /etc/krb5/krb5.keytab
ktutil: list
slot KVNO Principal
---- ---- ---------------------------------------
1 8 host/vail@ACME.COM
2 5 host/denver@ACME.COM
ktutil:delent 2
ktutil:l
slot KVNO Principal
---- ---- --------------------------------------
1 8 host/vail@ACME.COM
ktutil:wkt /tmp/krb5.keytab
ktutil:q
example# mv /tmp/krb5.keytab /etc/krb5/krb5.keytab
FILES
/etc/krb5/krb5.keytab keytab file for Kerberos clients
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWkrbu |
+-----------------------------+-----------------------------+
|Interface Stability |See below. |
+-----------------------------+-----------------------------+
The command arguments are Evolving. The command output is Unstable.
SEE ALSO kadmin(1M), k5srvutil(1M), attributes(5), kerberos(5)SunOS 5.11 16 Nov 2006 ktutil(1)