Coda File System

Re: Kerberos and Coda

From: mkondrin <mkondrin_at_hppi.troitsk.ru>
Date: Fri, 18 Mar 2005 17:17:42 +0300
Daniel Savard wrote:

>I am trying to implement Kerberos authentication for Coda. I created a
>test user in Coda with pdbtool and the same user exists in Kerberos. I
>checked Kerberos authentication with kinit and it is working fine. While
>trying to clog I am getting the following messages:
>
>username: myuser_at_somehost.mycorp.ca
>krb5.c: Server not found in Kerberos database while preparing AP_REQ
>Password for myuser_at_MYCORP.CA:
>krb5.c: Server not found in Kerberos database while preparing AP_REQ
>Failed to get secret for somehost.mycorp.ca
>Invalid login (RPC2_FAIL (F)).
>
>MYCORP.CA is the Kerberos realm and somehost.mycorp.ca is the Coda
>realm.
>
>In my venus.conf I have the following lines:
>
>realm="somehost.mycorp.ca"
>kerberos5service="host/%s"
>kerberos5realm=MYCORP.CA
>kerberos5kinit="kinit"
>
>What am I missing?
>
>TIA
>
>Daniel
>
You are missing the keytab file setup for the coda service, in case you
already have the principal host/<SCM name in capital>@MYCORP.CA, which is
the principal for the coda service. It is better to use "coda" instead of
"host" as the primary name because the name may clash with the name of the
rsh/telnet service.
Adding a service principal to the Kerberos database is done with kadmin and
the command addprinc -randkey <principal name> (you will never need its
key/password, so generating it at random is OK). After the principal is
added to the Kerberos database, you should call kadmin from the SCM machine
and transfer the service key to the local keytab file (/etc/krb5.keytab on
the SCM). This is done with the command ktadd <service principal name>.
I suppose you have MIT Kerberos.
Coda should be working now.
Good luck!
Received on 2005-03-18 09:25:42