我试图连接到在ApacheDS上运行的Kerberos。 这里是我在LDAP上加载的初始LDIF:
dn: ou=Users,dc=example,dc=com ou: Users description: Example.Com Users objectClass: organizationalUnit dn: uid=hnelson,ou=Users,dc=example,dc=com objectClass: top objectClass: person objectClass: inetOrgPerson objectClass: krb5principal objectClass: krb5kdcentry cn: Horatio Nelson sn: Nelson uid: hnelson userPassword: secret krb5PrincipalName: [email protected] krb5KeyVersionNumber: 0 然后我创build了下面的/etc/krb5.conf
[libdefaults] default_realm = EXAMPLE.COM default_tgs_enctypes = des-cbc-md5,des3-cbc-sha1-kd default_tkt_enctypes = des-cbc-md5,des3-cbc-sha1-kd dns_lookup_realm = false dns_lookup_kdc = false allow_weak_crypto = yes ticket_lifetime = 24h renew_lifetime = 7d forwardable = yes [realms] EXAMPLE.COM = { kdc = localhost:60088 admin_server = localhost:60088 } [domain_realm] .example.com = EXAMPLE.COM example.com = EXAMPLE.COM
现在,当运行kinit来获取kerberos票据时,似乎没有可用的服务来处理请求:
[francesco@localhost kerberos]$ kinit [email protected] Password for [email protected]: kinit: A service is not available that is required to process the request while getting initial credentials
然而,该服务在端口60088上运行:
[francesco@localhost kerberos]$ netstat -an | grep 60088 tcp6 0 0 127.0.0.1:60088 :::* LISTEN
最后,这是我的/ etc / hosts文件:
127.0.0.1 localhost 127.0.0.1 localhost.localdomain localhost
任何想法如何解决这个问题? 谢谢