NOTE "Kerberos User Principal not found. Do you have a valid Credential Cache?"
Reading through Sander Van Vugt's book (RHCSA/RHCE 7), I came across an issue while setting up Kerberos for NFS. It is detailed in Appendix D on the CD that came with the book: Appendix D, "Preparing Your IPA Server for Kerberized NFS".
Step 8 of the book states:
"On server1, type ipa-getkeytab -s ipa.example.com -p nfs/server1.
example.com -k /etc/krb5.keytab."
Following these instructions only yielded the error below:
Kerberos User Principal not found. Do you have a valid Credential Cache?
According to the Kerberos documentation it is necessary to request a ticket before proceeding, therefore running the following command prior to Step 8 should resolve the issue:
[root@server1 ~]# kinit admin
Password for admin@EXAMPLE.COM: (enter the password)
You can then retry the command from Step 8.
[root@server1 ~]# ipa-getkeytab -s ipa.example.com -p nfs/server1.example.com -k /etc/krb5.keytab
Failed to parse result: Failed to decode GetKeytab Control.
Retrying with pre-4.0 keytab retrieval method...
Keytab successfully retrieved and stored in: /etc/krb5.keytab
The command was successful... this is another reminder for me that books can and will contain mistakes - and that the online documentation (manual pages) are an excellent resource.
Reading through Sander Van Vugt's book (RHCSA/RHCE 7), I came across an issue while setting up Kerberos for NFS. It is detailed in Appendix D on the CD that came with the book: Appendix D, "Preparing Your IPA Server for Kerberized NFS".
Step 8 of the book states:
"On server1, type ipa-getkeytab -s ipa.example.com -p nfs/server1.
example.com -k /etc/krb5.keytab."
Following these instructions only yielded the error below:
Kerberos User Principal not found. Do you have a valid Credential Cache?
According to the Kerberos documentation it is necessary to request a ticket before proceeding, therefore running the following command prior to Step 8 should resolve the issue:
[root@server1 ~]# kinit admin
Password for admin@EXAMPLE.COM: (enter the password)
You can then retry the command from Step 8.
[root@server1 ~]# ipa-getkeytab -s ipa.example.com -p nfs/server1.example.com -k /etc/krb5.keytab
Failed to parse result: Failed to decode GetKeytab Control.
Retrying with pre-4.0 keytab retrieval method...
Keytab successfully retrieved and stored in: /etc/krb5.keytab
The command was successful... this is another reminder for me that books can and will contain mistakes - and that the online documentation (manual pages) are an excellent resource.
This was a great help. Was scratching my head on the book for a little while. Thank you for posting this.
ReplyDeleteGlad it helped! :)
DeleteNice work :)
Deletethanks man.
ReplyDeleteThanks, this really helped me.
ReplyDeleteThank you :)
ReplyDelete