 |
 |
OSXS Panther: How to turn on Kerberos (KDC) if stopped?
|
|
|
|
|
Posting Junkie
Join Date: Nov 2001
Location: Retired.
Status:
Offline
|
|
Anybody know how to turn on KDC (Kerberos) if it suddenly becomes stopped and you can't authenticate to the machine using OSXS Panther? Terminal command or anything? I don't see anything through the GUI that just flips it back on...
Thanks.
|
|
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Sep 2001
Location: Chico, CA and Carlsbad, CA.
Status:
Offline
|
|
Originally posted by gorickey:
Anybody know how to turn on KDC (Kerberos) if it suddenly becomes stopped and you can't authenticate to the machine using OSXS Panther? Terminal command or anything? I don't see anything through the GUI that just flips it back on...
Thanks.
You can't log on locally to the server itself?
|
"In Nomine Patris, Et Fili, Et Spiritus Sancti"
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Nov 2001
Location: Retired.
Status:
Offline
|
|
Originally posted by [APi]TheMan:
You can't log on locally to the server itself?
You can log on locally; however, you can't authenticate to the ODM (Open Directory Master) at that point.
Kerberos (KDC) must be up and running anyway.
Any idea?
|
|
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Nov 2001
Status:
Offline
|
|
Originally posted by gorickey:
Anybody know how to turn on KDC (Kerberos) if it suddenly becomes stopped and you can't authenticate to the machine using OSXS Panther? Terminal command or anything? I don't see anything through the GUI that just flips it back on...
Thanks.
Did you monkey with DNS settings at all?
Anyway, to address this, try setting Open Directory to "standalone server" (via Server Admin), and then changing it back to "Open Directory Master." If your DNS is properly set up, this will cause the KDC to start back up.
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Nov 2001
Location: Retired.
Status:
Offline
|
|
Originally posted by CatOne:
Did you monkey with DNS settings at all?
Anyway, to address this, try setting Open Directory to "standalone server" (via Server Admin), and then changing it back to "Open Directory Master." If your DNS is properly set up, this will cause the KDC to start back up.
You know, come to think of it, another person did fix some reverse lookup things on the DNS side a few weeks ago. Could that have done it by chance? How does that break KDC?
I'll try your suggestion and try to let you know as well if it worked.
Thanks!
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Nov 2001
Location: Retired.
Status:
Offline
|
|
Originally posted by CatOne:
Anyway, to address this, try setting Open Directory to "standalone server" (via Server Admin), and then changing it back to "Open Directory Master." If your DNS is properly set up, this will cause the KDC to start back up.
Before trying this, I assume this isn't going to jack up anything by simply switching this back and forth? Like the LDAP database won't be erased if I make it a Standalone, and then back to an ODM immediately?
Just confirming.
|
|
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Nov 2001
Status:
Offline
|
|
Originally posted by gorickey:
Before trying this, I assume this isn't going to jack up anything by simply switching this back and forth? Like the LDAP database won't be erased if I make it a Standalone, and then back to an ODM immediately?
Just confirming.
It won't jack anything, no. You won't be able to access/log in as the LDAP users while it's turned off, of course.
It was probably the reverse DNS changes that screwed things up. That can affect lookups in strange ways..
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Nov 2001
Location: Retired.
Status:
Offline
|
|
Originally posted by CatOne:
It won't jack anything, no. You won't be able to access/log in as the LDAP users while it's turned off, of course.
It was probably the reverse DNS changes that screwed things up. That can affect lookups in strange ways..
Thanks for the confirmation, I'll give it a go and see how it goes...
Thanks yet again.
|
|
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Sep 2001
Location: Chico, CA and Carlsbad, CA.
Status:
Offline
|
|
Ah, DNS is evil, it does weird things to LDAP if its mucked with after you bind... It's a rather infamous feature of OS X Server. Fortunately Panther comes with the changeip command which previous incarnations didn't have. I hope that fixes your problem...
|
"In Nomine Patris, Et Fili, Et Spiritus Sancti"
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Nov 2001
Location: Retired.
Status:
Offline
|
|
Everything is back and working again...it worked!
Thanks for all the help.
I hope Apple can incorporate a better "GUI" for KDC (starting/stopping) in a future version of the OS...
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Nov 2001
Location: Retired.
Status:
Offline
|
|
Everything is back and working again...it worked!
Thanks for all the help.
I hope Apple can incorporate a better "GUI" for KDC (starting/stopping) in a future version of the OS...
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Nov 2001
Location: Retired.
Status:
Offline
|
|
Everything is back and working again...it worked!
Thanks for all the help.
I hope Apple can incorporate a better "GUI" for KDC (starting/stopping) in a future version of the OS...
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Nov 2001
Location: Retired.
Status:
Offline
|
|
Everything is back and working again...it worked!
Thanks for all the help.
I hope Apple can incorporate a better "GUI" for KDC (starting/stopping) in a future version of the OS...
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Nov 2001
Location: Retired.
Status:
Offline
|
|
Major database burps...
YIKES!
|
|
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
Top