Ubuntu 16.04.03 kinit:初始化Kerberos 5库时Kerberos配置文件的格式不正确

前端之家收集整理的这篇文章主要介绍了Ubuntu 16.04.03 kinit:初始化Kerberos 5库时Kerberos配置文件的格式不正确前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。
我正在尝试加入Ubuntu Server 16.04.3(全新安装)加入AD遵循指南 https://www.starwindsoftware.com/blog/ubuntu-join-a-server-to-an-active-directory-domain

/etc/krb5.conf包含如下:

[libdefaults]
ticket_lifetime = 24000
default_realm = mydomain.local
default_tgs_entypes = rc4-hmac des-cbc-md5
default_tkt__enctypes = rc4-hmac des-cbc-md5
permitted_enctypes = rc4-hmac des-cbc-md5
dns_lookup_realm = true
dns_lookup_kdc = true
dns_fallback = yes

[realms]
mydomain.local = {
  kdc = pdc.mydomain.local
  kdc = sdc.mydomain.local
  default_domain = pdc.mydomain.local
}

[domain_realm]
.mydomain.local = pdc.mydomain.local
mydomain.local = pdc.mydomain.local

[appdefaults]
pam = {
  debug = false
  ticket_lifetime = 36000
  renew_lifetime = 36000
  forwardable = true
  krb4_convert = false
}

[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log

运行sudo kinit domainuser我收到错误:kinit:初始化Kerberos 5库时Kerberos配置文件的格式不正确.谷歌搜索我发现了CentOS7 Kerberos Auth: Improper format of Kerberos configuration file;.我已经检查了/etc/krb5.conf语法没有错误.

也许更简单的配置进行故障排除? (另外,注意大写,即使看起来很随意也很重要.)
[libdefaults]
  default_realm = MYDOMAIN.LOCAL
  ticket_lifetime = 24h
  renew_lifetime = 7d
  dns_lookup_realm = false

[realms]
MYDOMAIN.LOCAL = {
  kdc = pdc.mydomain.local
  kdc = sdc.mydomain.local
}

[domain_realm]
mydomain.local = MYDOMAIN.LOCAL
.mydomain.local = MYDOMAIN.LOCAL

[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log

如果这样做,您可以开始添加其他设置,直到出现故障.

猜你在找的Ubuntu相关文章