Hello all,
I know kerberos is everyone's favorite topic in OS X server, so I
thought I'd throw my hat into the ring. :)
I seem to have a missing krb5.keytab file in /etc, and I don't know
where it went, or how to get it back. I tried the sso_util fix
sudo sso_util configure -r SERVER.DOMAIN.CA -a USER -p PASS all
and it spits back:
DoConfigure: argc = 9
Creating the service list
Creating the service principals
WARNING: no policy specified for
host/email@hidden; defaulting to no policy
add_principal: Operation requires ``add'' privilege while creating
"host/email@hidden".
WARNING: no policy specified for
smtp/email@hidden; defaulting to no policy
add_principal: Operation requires ``add'' privilege while creating
"smtp/email@hidden".
WARNING: no policy specified for
pop/email@hidden; defaulting to no policy
add_principal: Operation requires ``add'' privilege while creating
"pop/email@hidden".
WARNING: no policy specified for
imap/email@hidden; defaulting to no policy
add_principal: Operation requires ``add'' privilege while creating
"imap/email@hidden".
WARNING: no policy specified for
ftp/email@hidden; defaulting to no policy
add_principal: Operation requires ``add'' privilege while creating
"ftp/email@hidden".
WARNING: no policy specified for
afpserver/email@hidden; defaulting to no policy
add_principal: Operation requires ``add'' privilege while creating
"afpserver/email@hidden".
Creating the keytab file
kadmin: Operation requires ``change-password'' privilege while
changing host/email@hidden's key
kadmin: Operation requires ``change-password'' privilege while
changing smtp/email@hidden's key
kadmin: Operation requires ``change-password'' privilege while
changing pop/email@hidden's key
kadmin: Operation requires ``change-password'' privilege while
changing imap/email@hidden's key
kadmin: Operation requires ``change-password'' privilege while
changing ftp/email@hidden's key
kadmin: Operation requires ``change-password'' privilege while
changing afpserver/email@hidden's key
Configuring services
WriteSetupFile: setup file path = /temp.yPcR/setup
Mail config file at /etc/MailServicesOther.plist updated successfully
Mail config file at /etc/MailServicesOther.plist updated successfully
Mail config file at /etc/MailServicesOther.plist updated successfully
AFP config file at
/Library/Preferences/com.apple.AppleFileServer.plist updated
successfully
Hupping the AFP Server
Cleaning up
I'm running as a user with full admin priveleges. What do the "no
policy" warnings mean? And why, even though it says it's creating the
keytab file, does it not?
Many thanks!
Andrew
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden
This email sent to email@hidden
