search for: kdcdefaults

Hi, I installed ovirt on fedora 12 (64 bits) successfully but I had to make some changes to make it work. 1. Installation from rpms builded from the lastest git version 2. Patch ace : missing backslashes in sed commands vim /usr/share/ace/modules/ovirt/manifests/freeipa.pp line 33 : '/\\[kdcdefaults\\]/a \\ kdc_ports = 88' single_exec {"set_kdc_defaults": command => "/bin/sed -i '/\\[kdcdefaults\\]/a \\ kdc_ports = 88' /usr/share/ipa/kdc.conf.template", require => Package[ipa-server] } Line 44 : <Proxy \...

...ha1 des-cbc-crc [realms] EXAMPLE.COM = { kdc = adserver.example.com:88 nsswitch.conf passwd: compat winbind group: compat winbind shadow: compat hosts: files dns wins networks: files dns protocols: db files services: db files ethers: db files rpc: db files kdc.conf [kdcdefaults] kdc_ports = 88,750 [realms] EXAMPLE.COM = { database_name = /etc/krb5kdc/principal admin_keytab = /etc/krb5kdc/kadm5.keytab acl_file = /etc/krb5kdc/kadm5.acl dict_file = /etc/krb5kdc/kadm5.dict key_stash_file = /etc/krb5kdc/.k5.EXAMPLE.COM...

...tcp LISTEN 0 10 [::1]:464 [::]:* users:(("kdc[master]",pid=217782,fd=37)) I'm trying to set this explicitly in file?/var/lib/samba/private/kdc.conf by this directive "kpasswd_listen" [kdcdefaults] kdc_listen = 0.0.0.0 kdc_tcp_listen = 0.0.0.0 kpasswd_listen = 127.0.0.1:464 192.168.95.111:464 kdc_ports = 88 kdc_tcp_ports = 88 but nothing changed when I've changed kdc_listen I can see difference by "sudo ss -tulpn" but no changes for kpasswd_listen How is it po...

...angedb = mysql://openchange-user:passwd at localhost/openchange [netlogon] path = /var/lib/samba/sysvol/smbdomain.com/scripts read only = No [sysvol] path = /var/lib/samba/sysvol read only = No Here's my 'kdc.conf' adam at sogo:~$ sudo cat /etc/krb5kdc/kdc.conf [kdcdefaults] kdc_ports = 750,88 [realms] SMBDOMAIN.COM = { database_name = /var/lib/krb5kdc/principal admin_keytab = FILE:/etc/krb5kdc/kadm5.keytab acl_file = /etc/krb5kdc/kadm5.acl key_stash_file = /etc/krb5kdc/stash kdc_ports = 750,88 max_life...

...mba.org/index.php/Running_a_Samba_AD_DC_with_MIT_Kerberos_KDC - https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller --> hanging on "Verifying Kerberos" # vim /usr/local/samba/private/kdc.conf ------------------------------------------------- [kdcdefaults] kdc_ports = 88 kdc_tcp_ports = 88 kadmind_port = 464 [realms] ROOTRUDI.DE = { } rootrudi.de = { } ROOTRUDI = { } [dbmodules] db_module_dir = /usr/local/samba/lib/krb5/plugins/kdb ROOTRUDI.DE = {...

...onf is: [libdefaults] default_realm = DOMAIN.SUFFIX dns_lookup_realm = false dns_lookup_kdc = true [realms] DOMAIN.SUFFIX = { kdc = thisbox.domain.suffix:88 admin_server = thisbox.domain.suffix:749 default_domain = domain.suffix } kdc.conf is: [kdcdefaults] kdc_ports 750,88 [realms] domain.suffix = { database_name = /usr/local/samba/private/principal admin_keytab = FILE:/usr/local/samba/private/.keytab acl_file = /etc/krb5kdc/kadm5.acl keys_stash_file = /etc/krb5kdc/stash kdc_ports = 750,88...

...taller/modules/ovirt/manifests/freeipa.pp @@ -29,12 +29,12 @@ class freeipa::bundled{ command => "/bin/hostname $ipa_host", } - exec {"set_kdc_defaults": + single_exec {"set_kdc_defaults": command => "/bin/sed -i '/\[kdcdefaults\]/a \ kdc_ports = 88' /usr/share/ipa/kdc.conf.template", require => Package[ipa-server] } - exec {"replace_line_returns": + single_exec {"replace_line_returns": command => "/bin/sed -i -e 's/^/#/&...

...s] .mydomain.com = MYDOMAIN.COM mydomain.com = MYDOMAIN.COM [logging] kdc = FILE:/var/log/krb5/krb5kdc.log admin_server = FILE:/var/log/krb5/kadmind.log default = SYSLOG:NOTICE:DAEMON - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - kdc.conf [kdcdefaults] kdc_ports = 88,750 [reamls] MYDOMAIN.COM = { profile = /etc/krb5/krb5.conf database_name = /var/krb5/principal admin_keytab = /etc/krb5/kadm5.keytab acl_file = /etc/krb5/kadm5.acl kadmind_port = 749...

...t;,pid=217785,fd=17)) tcp LISTEN 0 10 > [::1]:464 [::]:* > users:(("kdc[master]",pid=217782,fd=37)) > > > I'm trying to set this explicitly in > file?/var/lib/samba/private/kdc.conf by this directive > "kpasswd_listen" > > [kdcdefaults] > kdc_listen = 0.0.0.0 > kdc_tcp_listen = 0.0.0.0 > kpasswd_listen = 127.0.0.1:464 192.168.95.111:464 > kdc_ports = 88 > kdc_tcp_ports = 88 > > but nothing changed > > when I've changed kdc_listen I can see difference by "sudo ss -tulpn" &g...

...No browseable = No [printers] comment = All Printers path = /usr/spool/samba printable = Yes browseable = No kdc.onf and krb5.conf # # Copyright 1998-2002 Sun Microsystems, Inc. All rights reserved. # Use is subject to license terms. # #ident "@(#)kdc.conf 1.2 02/02/14 SMI" [kdcdefaults] kdc_ports = 88,750 [realms] ___default_realm___ = { profile = /etc/krb5/krb5.conf database_name = /var/krb5/principal admin_keytab = /etc/krb5/kadm5.keytab acl_file = /etc/krb5/kadm5.acl kadmind_port = 749 max_life = 8h 0m 0s max_renewable_life = 7d 0h 0m 0s default_principal_fl...

...kdc = false ticket_lifetime = 24h renew_lifetime = 7d forwardable = true [realms] XXX.YYY = { kdc = dcserver.xxx.yyy:88 admin_server = dcserver.xxx.yyy:749 } [domain_realm] .xxx.yyy = XXX.YYY xxx.yyy = XXX.YYY /var/kerberos/krb5kdc/kdc.conf : -------------------------------- [kdcdefaults] kdc_ports = 88 kdc_tcp_ports = 88 [realms] XXX.YYY= { #master_key_type = aes256-cts acl_file = /var/kerberos/krb5kdc/kadm5.acl dict_file = /usr/share/dict/words admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab supported_enctypes = aes256-cts:normal aes128-cts:normal des3-hm...

...> > ??? [::1]:464?????????? [::]:* > > users:(("kdc[master]",pid=217782,fd=37)) > > > > > > I'm trying to set this explicitly in > > file?/var/lib/samba/private/kdc.conf by this directive > > "kpasswd_listen" > > > > [kdcdefaults] > > ?? kdc_listen = 0.0.0.0 > > ?? kdc_tcp_listen = 0.0.0.0 > > ?? kpasswd_listen = 127.0.0.1:464 192.168.95.111:464 > > ?? kdc_ports = 88 > > ?? kdc_tcp_ports = 88 > > > > but nothing changed > > > > when I've changed kdc_listen I can se...

...dministrator@ADMIN.SJC kadm5.acl */administartor@ADMIN.SJC * Does this ticket look ok? the krbtgt record looks a little odd to me. I figure I should get ADMIN/chris, and I cannot see any entries for STAFF realm left over. I kdestroyed the ticket and recreated it, but no luck kdc.conf [kdcdefaults] kdc_ports = 88 acl_file = /etc/kerberos/krb5kdc/kadm5.acl dict_file = /usr/share/dict/words admin_keytab = /etc/kerberos/krb5kdc/kadm5.keytab [realms] ADMIN.SJC = { master_key_type = des3-cbc-sha1 supported_enctypes = des3-cbc-sha1:normal des-cbc-crc:normal des-cbc-crc:v4 des-cbc-...

...mil = USAF.AFMC.DS.AF.MIL usaf.af.mil = USAF.AFMC.DS.AF.MIL [kdc] profile = /var/kerberos/krb5kdc/kdc.conf [appdefaults] pam = { debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false ***************************** kdc.conf ********* [kdcdefaults] acl_file = /var/kerberos/krb5kdc/kadm5.acl dict_file = /usr/share/dict/words admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab v4_mode = nopreauth [realms] USAF.AFMC.DS.AF.MIL = { master_key_type = des-cbc-crc supported_enctypes = des3-cbc-sha1:normal des3-cbc-sha1:norealm des3-cbc-sha1:...

...= { >> kdc = dcserver.xxx.yyy:88 >> admin_server = dcserver.xxx.yyy:749 >> } >> >> [domain_realm] >> .xxx.yyy = XXX.YYY >> xxx.yyy = XXX.YYY >> >> /var/kerberos/krb5kdc/kdc.conf : >> -------------------------------- >> [kdcdefaults] >> kdc_ports = 88 >> kdc_tcp_ports = 88 >> >> [realms] >> XXX.YYY= { >> #master_key_type = aes256-cts >> acl_file = /var/kerberos/krb5kdc/kadm5.acl >> dict_file = /usr/share/dict/words >> admin_keytab = /var/kerberos/krb5kdc/...

...with_MIT_Kerberos_KDC > >- >https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller > >--> hanging on "Verifying Kerberos" > > ># vim /usr/local/samba/private/kdc.conf >------------------------------------------------- >[kdcdefaults] > kdc_ports = 88 > kdc_tcp_ports = 88 > kadmind_port = 464 > >[realms] > ROOTRUDI.DE = { > } > > rootrudi.de = { > } > > ROOTRUDI = { > } > >[dbmodules] > db_module_dir =...

...ministrator@ADMIN.SJC kadm5.acl */administartor@ADMIN.SJC * Does this ticket look ok? the krbtgt record looks a little odd to me. I figure I should get ADMIN/chris, and I cannot see any entries for STAFF realm left over. I kdestroyed the ticket and recreated it, but no luck kdc.conf [kdcdefaults] kdc_ports = 88 acl_file = /etc/kerberos/krb5kdc/kadm5.acl dict_file = /usr/share/dict/words admin_keytab = /etc/kerberos/krb5kdc/kadm5.keytab [realms] ADMIN.SJC = { master_key_type = des3-cbc-sha1 supported_enctypes = des3-cbc-sha1:normal des-cbc-crc:normal des-cbc-crc:v4 des-cbc-crc:af...

.../scripts >>> read only = No >>> >>> [sysvol] >>> path = /var/lib/samba/sysvol >>> read only = No >>> >>> Here's my 'kdc.conf' >>> >>> adam at sogo:~$ sudo cat /etc/krb5kdc/kdc.conf >>> [kdcdefaults] >>> kdc_ports = 750,88 >>> >>> [realms] >>> SMBDOMAIN.COM = { >>> database_name = /var/lib/krb5kdc/principal >>> admin_keytab = FILE:/etc/krb5kdc/kadm5.keytab >>> acl_file = /etc/krb5kdc/kadm5.acl >&g...

...ar/log/krb5/libs.log kdc = FILE:/var/log/krb5/kdc.log admin_server = FILE:/var/log/krb5/admin.log [appdefaults] pam = { debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true renewable = true krb4_convert = false #/var/heimdal/kdc.conf [kdcdefaults] kdc_ports = 88 [realms] TEST.LOCAL = { kadmind_port = 749 max_life = 10h 0m 0s max_renewable_life = 7d 0h 0m 0s master_key_type = des-cbc-crc supported_enctypes = des-cbc-crc:normal } [logging] kdc =...

...OUR.DOMAIN.COM our.domain.com = OUR.DOMAIN.COM [kdc] profile = /var/kerberos/krb5kdc/kdc.conf [appdefaults] pam = { debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false } [root@desarrollo ~]# cat /var/kerberos/krb5kdc/kdc.conf [kdcdefaults] acl_file = /var/kerberos/krb5kdc/kadm5.acl dict_file = /usr/share/dict/words admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab v4_mode = nopreauth [realms] OUR.DOMAIN.COM = { master_key_type = des-cbc-crc supported_enctypes = des3-hmac-sha1:normal arcfour-hmac:normal des-hmac-sha1:normal...