Ex: RE: Using scoped attributes as the C14N subject
Paul B. Henson
henson at cpp.edu
Wed Aug 17 03:51:23 UTC 2022
On Tue, Aug 16, 2022 at 08:10:06PM +0000, Wessel, Keith via users wrote:
> username to Shib for Kerberos authentication, but it always returns a
> Java "Cannot locate KDC" error, even if the part after the at-sign
> matches a realm or domain in krb5.conf.
Matches including case? Kerberos realms are case sensitive:
[realms]
EXAMPLE.COM = {
kdc = kdc.example.com
}
$ kinit test at example.com
kinit: Cannot find KDC for realm "example.com" while getting initial
credentials
$ kinit test at EXAMPLE.COM
kinit: Cannot contact any KDC for realm 'EXAMPLE.COM' while getting
initial credentials
(The first one fails because of mismatched case, the second fails cause
obviously there's no actual kdc at kdc.example.com)
--
Paul B. Henson | (909) 979-6361 | http://www.cpp.edu/~henson/
Operating Systems and Network Analyst | henson at cpp.edu
California State Polytechnic University | Pomona CA 91768
More information about the users
mailing list