Kerberos and FR 3.0.1 (fedora)

Arran Cudbard-Bell a.cudbardb at freeradius.org
Thu May 15 12:19:05 CEST 2014


On 15 May 2014, at 11:12, Arran Cudbard-Bell <a.cudbardb at freeradius.org> wrote:

> 
> On 15 May 2014, at 01:24, Brendan Kearney <bpk678 at gmail.com> wrote:
> 
>> i am evaluating FR 3.0.1 with kerberos/ldap for authN/authZ,
>> respectively.  for some reason, the kerberos piece is not authenticating
>> me.  the keytab is freshly minted and the kvno in it matches what is in
>> kadmin.  the keytab is owned by radiusd:radiusd.  kinit
>> -kt /etc/raddb/radius.keytab radius/test.bpk2.com results in a ticket
>> being granted.  not sure what the issue is.  can anyone offer a pointer?
> 
> Try 3.0.3, there have been some fixes since 3.0.1.

Though you also need to make sure there's a keytab entry for your service
principle.

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140515/2d213e54/attachment.pgp>


More information about the Freeradius-Users mailing list