(Add about krb5.conf)
|Line 32:||Line 32:|
Latest revision as of 07:12, 9 May 2013
These are requirements for the various Kerberos test cases.
In the various instructions replace
AD.EXAMPLE.COM with your kerberos realm. Normally this is the same as the domain, but upper case.
You need access to a Kerberos realm in order to perform these tests.
- The realm should be setup so that it is advertised in DNS correctly, and resolveable from your machine.
- You need an account on the realm, and the account password.
If you do not have access to a kerberos realm, you can setup an Active Directory domain. Active Directory runs kerberos and is useful to test against.
Use the following commands to do some basic smoke testing that your realm DNS works. The output should look similar, obviously specifics different for your realm.
$ host ad.example.com ad.example.com has address X.X.X.X $ host -t SRV _kerberos._udp.ad.example.com _kerberos._udp.ad.example.com has SRV record 0 100 88 domain-controller.ad.example.com.
- If any of the above fail, then DNS is not working properly for your realm.
The tests require MIT kerberos
krb5 version 1.11 or later. Install the following packages:
$ sudo yum install krb5-libs krb5-workstation
/etc/krb5.conf files distributed with Fedora 17 or earlier were broken. It should not be necessary to have a complex
You can replace yours with the default by doing:
$ sudo mv /etc/krb5.conf /etc/krb5.conf.bak $ sudo yum reinstall krb5-libs