Troubleshooting Kerberos Related Products
Troubleshooting Using the pamkrbval Tool
Table | Error Messages that Appear During keytab Validation | ||
|
|
| |
Error/Warning Messages | Reason for Message | Troubleshooting | |
|
|
| |
[LOG] : The keytab entry | The keytab entry for the | Regenerate the keytab file in | |
for host/cherry is not | host service principal is | the CIFS environment and | |
found in keytab file | not available. This error | check that the service key for | |
/etc/krb5.keytab |
| only occurs in the CIFS | host/simple hostname is |
[FAIL]: The keytab | environment. | present in the file. Execute the | |
validation failed |
| following command to | |
|
|
| regenerate the keytab file: |
|
|
| net ads keytab create |
|
|
| administrator |
|
|
| |
[LOG] : Key table entry | The keytab entry for the | • Extract the key from the | |
not found in keytab file | host service principal is | Kerberos Server using the | |
/etc/krb5.keytab, ignoring | not available. | kadminl tool and copy it to | |
keytab entry validation |
| your system. | |
[IGNORE]: The keytab |
| • In a CIFS environment, | |
validation is ignored, |
| ||
assuming success |
|
| regenerate the keytab file |
|
|
| and check that the service |
|
|
| key for host/fqdn is |
|
|
| present in the file. |
|
|
| Execute the following |
|
|
| command to regenerate |
|
|
| the keytab file: |
|
|
| net ads keytab create |
|
|
| administrator |
|
|
|
|
102 | Chapter 4 |