Wednesday, October 17, 2007

Join Kerberos

I was having some trouble getting a server to join Kerberos.

After some time I found out that the problem was related to a correct DNS entry.

So there are two ways to fix this:

a) Correct the DNS entry.
b) If that is not possible for some reason, as in my case, you may try this:

Use a text editor to open the /etc/hosts file, then add the following entry to the end of the file:

IP address FQDN

... where IP address is the IP address of the KDC, and FQDN is the fully qualified domain name that you specified on your DNS server.

For example: 123.456.78.910 www.example.com

In Terminal (/Applications/Utilities), execute the following command:
sudo scutil --set HostName FQDN
... where FQDN is the fully qualified domain name of this server that was configured on your DNS server.
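To verify the hosts entry from the steps above before retrying the join, the following added example (not from the original post or the Apple article) checks a hosts-format file for the usual mistakes: the FQDN missing, bound to a different address, or listed only as an alias, where the first name on a line is the canonical one that lookups return. The helper name check_hosts_entry, the host names and the 192.0.2.x addresses are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in /etc/hosts format (RFC 5737 documentation addresses).
sample_hosts() {
cat <<'EOF'
127.0.0.1   localhost
192.0.2.10  kdc.example.com kdc       # FQDN first: canonical name
192.0.2.20  files files.example.com   # FQDN present only as an alias
192.0.2.30  old.example.com
192.0.2.31  old.example.com           # stale duplicate, different address
EOF
}

# check_hosts_entry FILE FQDN IP  (hypothetical helper)
# Prints a verdict and returns 0 ok, 1 missing, 2 conflict, 3 alias.
check_hosts_entry() {
    awk -v fqdn="$2" -v ip="$3" '
        { sub(/#.*/, "") }            # drop trailing comments
        NF < 2 { next }               # skip blank or incomplete lines
        {
            for (i = 2; i <= NF; i++) {
                if (tolower($i) != tolower(fqdn)) continue
                if ($1 != ip)    conflict = 1   # name bound to another address
                else if (i == 2) canonical = 1  # first name on the line
                else             alias = 1      # listed after another name
            }
        }
        END {
            if (conflict)  { print "conflict"; exit 2 }
            if (canonical) { print "ok";       exit 0 }
            if (alias)     { print "alias";    exit 3 }
            print "missing"; exit 1
        }' "$1"
}

# Demo against the constructed sample; pass /etc/hosts as FILE on a real host.
demo_file=$(mktemp)
sample_hosts > "$demo_file"
for entry in "kdc.example.com 192.0.2.10" "files.example.com 192.0.2.20" \
             "old.example.com 192.0.2.30" "absent.example.com 192.0.2.40"; do
    set -- $entry
    printf '%-20s %-12s ' "$1" "$2"
    check_hosts_entry "$demo_file" "$1" "$2" || true
done
rm -f "$demo_file"
```

A "conflict" or "alias" verdict means the name may still resolve to a different address or canonical name than the one configured on the DNS server.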

After that I had no problems joining Kerberos using:


sso_util remove -k -a diradminuser -p diradminpassword
rm /etc/krb5.keytab
# rm /Library/Preferences/edu.mit.Kerberos
# rm -R /Library/Preferences/DirectoryService/
rm -R /var/db/krb5kdc/*

/usr/sbin/sso_util configure -r LDAP.HOPRO.EDU -a diradminuser -p diradminpassword -f /LDAPv3/ipaddrofladserver -v 1 all


Hint found here:
Mac OS X Server 10.4: Kerberos authentication services may not successfully start
