{"id":1403,"date":"2012-11-28T17:38:46","date_gmt":"2012-11-28T22:38:46","guid":{"rendered":"http:\/\/adterrasperaspera.com\/blog\/?p=1403"},"modified":"2013-11-13T05:15:12","modified_gmt":"2013-11-13T10:15:12","slug":"fixing-wrong-principal-in-request-in-kerberos-5","status":"publish","type":"post","link":"https:\/\/adterrasperaspera.com\/blog\/2012\/11\/28\/fixing-wrong-principal-in-request-in-kerberos-5\/","title":{"rendered":"Fixing &#8220;Wrong principal in request&#8221; in Kerberos 5"},"content":{"rendered":"<p><code>krb5_newrealm<\/code> doesn&#8217;t seem to add enough lines to <code>\/etc\/krb5.conf<\/code>. To fix this, add the following lines to <code>\/etc\/krb5.conf<\/code> on all machines participating in the realm. My local realm is <code>LAN<\/code>, but substitute your own. The new lines will be in bold, the existing lines should already exist, if they don&#8217;t, add them.<\/p>\n<pre><code>[realms]\r\n   LAN = {\r\n     kdc = infinity.lan\r\n     admin_server = infinity.lan\r\n     <strong>default_domain = lan<\/strong>\r\n   }\r\n\r\n[domain_realm]\r\n   <strong>.lan = LAN<\/strong>\r\n   <strong>lan = LAN<\/strong>\r\n<\/code><\/pre>\n<p>All hosts\/servers participating in the realm that offer Kerberized services should have a FQDN that ends in your realm&#8217;s domain name (<code>.lan<\/code> in my case).<\/p>\n","protected":false},"excerpt":{"rendered":"<p>krb5_newrealm doesn&#8217;t seem to add enough lines to \/etc\/krb5.conf. To fix this, add the following lines to \/etc\/krb5.conf on all machines participating in the realm. My local realm is LAN, but substitute your own. The new lines will be in bold, the existing lines should already exist, if they don&#8217;t, add them. [realms] LAN = [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[404],"tags":[],"_links":{"self":[{"href":"https:\/\/adterrasperaspera.com\/blog\/wp-json\/wp\/v2\/posts\/1403"}],"collection":[{"href":"https:\/\/adterrasperaspera.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/adterrasperaspera.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/adterrasperaspera.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/adterrasperaspera.com\/blog\/wp-json\/wp\/v2\/comments?post=1403"}],"version-history":[{"count":13,"href":"https:\/\/adterrasperaspera.com\/blog\/wp-json\/wp\/v2\/posts\/1403\/revisions"}],"predecessor-version":[{"id":2270,"href":"https:\/\/adterrasperaspera.com\/blog\/wp-json\/wp\/v2\/posts\/1403\/revisions\/2270"}],"wp:attachment":[{"href":"https:\/\/adterrasperaspera.com\/blog\/wp-json\/wp\/v2\/media?parent=1403"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/adterrasperaspera.com\/blog\/wp-json\/wp\/v2\/categories?post=1403"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/adterrasperaspera.com\/blog\/wp-json\/wp\/v2\/tags?post=1403"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}