Creating the kerberos database
Creating the kerberos database
We use a utility for creating that database: kdb5_util. If you cannot find that binary, then ask rpm where it is:
rpm -qal |grep kdb_util
Now we create the db:
/usr/lib/mit/sbin/kdb5_util create -r REDFLO.DE -s Loading random data Initializing database '/var/lib/kerberos/krb5kdc/principal' for realm 'REDFLO.DE', master key name 'K/M@REDFLO.DE' You will be prompted for the database Master Password. It is important that you NOT FORGET this password. Enter KDC database master key: Re-enter KDC database master key to verify:
The -s creates a "stash file" which is needed to be able to start the kerberos servers at boot time. For more discussion see the kerberos installtion guide. You will be asked for the master database password. Choose a secure. As far as i know you won't need it any more, but i'm not sure (todo: check that!)
Created by system. Last Modification: Saturday 23 of July, 2005 12:38:53 UTC by admin.
Category: UNIX
-
wiki page:
- How to use Microsoft Active Directory with postfix
- inserting the first object in your ldap directory
- Installing the mailsystem packages
- Integrating LDAP in your unix system
- Introduction
- Kerberizing kadmin
- Kerberizing sshd
- Kerberos setup
- LDAP
- LDAP schema files
- logging
- Motivation
- nss_ldap security
- OpenLDAP config files
- Other documentation
- performing a first ldap query
- PerfParse
- populating the directory
- Postfix and cyrus imapd and kerberos and LDAP
- Setting up a kerberos client machine
- Setting up your Kerberos servers
- SIngle sign on (SSO) first try
- SSO and Central Administration with Kerberos and LDAP
- Start the kerberos servers
- The configuration files
- The name service switch
- Tweak pam
- Understanding Kerberos
- Understanding Kerberos pt. 2
- Webserver Stress Test Tools
- What is LDAP?
- What the heck is pam?
- What we need
- What we want
- Audience
- Authenticating
- Bash script with timeout function
- Check Processes
- Check your installation
- Choosing a Realm
- configure your mail client
- Configuring and understanding pam
- configuring cyrus imapd
- configuring postfix
- Connect to kadmind and have a look into the database
- Creating the kerberos database
- Edit the Kerberos Admin Server ACL config
- Edit the kerberos client config file
- Edit the kerberos server config file
- Excursus to principals
- exploring schemas
- Fight Image Spam
- Fight Spam best practice
- adding a group
- Adding principals and authenticating
- Another principal
- nss with Solaris 10
- SerialConsole
![[toggle]](javascript:icntoggle('mod-ApplicationMenul2','module.png'); "[toggle]"){kind=small}
Sidebar
Wiki
Image Galleries
Powered by TikiWiki CMS/Groupware |
Theme: Strasa
[ Execution time: 0.46 secs ] [ Memory usage: 6.93MB ] [ 70 database queries used in 0.0 secs ]