KDC database backup and restore

This post covers offline migration, i.e. backup and restore, of the KDC database. For a live migration the recommended route is to set up a primary/replica KDC pair and let replication (kprop) carry the data.

Export a backup of the KDC database
The dump contains every principal's keys, encrypted under the master key, so treat it as a secret: kdb5_util creates it 0600, keep it that way in transit, and delete it once the restore has been verified. The bakfile.dump_ok marker is written only after the dump completes; check for it before copying.
$ sudo kdb5_util dump -verbose /home/dengsc/kdc/bakfile
$ ls -l /home/dengsc/kdc/
total 64
-rw------- 1 root   root  55991 Sep 19 10:30 bakfile
-rw------- 1 root   root      1 Sep 19 10:30 bakfile.dump_ok
Copy kdc.conf, krb5.conf, kadm5.acl and bakfile to the restore host
$ scp kdc.conf kadm5.acl test01:/var/kerberos/krb5kdc/
$ scp krb5.conf test01:/etc/
$ scp bakfile test01:~/
Initialize the database on the restore host with the same realm name as before. The stash file that -s writes must hold the same master key as the dump's K/M entry, so either enter the same master password (and keep the same master key enctype) as on the original KDC, or copy .k5.HADOOP.COM from the original KDC and skip the create step (kdb5_util load creates the database on its own).
$ sudo kdb5_util create -r HADOOP.COM -s
Load the backup
$ sudo kdb5_util load -verbose ~/bakfile
Log into kadmin.local and check whether the data was restored
$ sudo kadmin.local 
kadmin.local:  listprincs
Change kdc and admin_server in krb5.conf to the local host
$ sudo vi /etc/krb5.conf
[realms]
HADOOP.COM = {
kdc = test01
admin_server = test01
}
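The dump, copy, load and check steps above, as an added shell helper (example code written for this page, not part of the original post or of MIT Kerberos). The realm HADOOP.COM, the /var/kerberos/krb5kdc layout, the function names and the sample dump written by write_sample_dump are assumptions; verify_dump is the part that runs without a KDC, the other functions wrap kdb5_util and kadmin.local exactly as they are used above.

```shell
#!/bin/bash
# Added example, not from the original post: a small wrapper around kdb5_util
# for the dump / copy / load procedure. Realm, paths and the sample dump
# contents are assumptions; adjust them to your KDC.
# The dump holds every principal's keys (encrypted under the master key), so it
# is handled as a secret: created with umask 077, checksummed for the copy, and
# refused if it is readable by anyone else.

REALM="${REALM:-HADOOP.COM}"                 # assumption: realm from the post
KDC_DIR="${KDC_DIR:-/var/kerberos/krb5kdc}"  # assumption: RHEL/CentOS layout

# Dump the database. kdb5_util writes "$out" and, only when the dump finished,
# "$out.dump_ok". Prints a sha256 line to compare after scp.
backup_kdc() {                               # usage: backup_kdc /path/to/bakfile
    local out="$1"
    ( umask 077 && kdb5_util dump -verbose "$out" ) || return 1
    verify_dump "$out" >/dev/null || return 1
    sha256sum "$out"
}

# Check a dump before copying or loading it:
#  - the .dump_ok marker exists (a missing marker means an aborted dump)
#  - the file is mode 0600 or 0400
#  - the first line is the kdb5_util dump header
#  - at least one principal record ("princ<TAB>...") is present
# Prints the number of principal records on success, returns 1 on any failure.
verify_dump() {                              # usage: verify_dump /path/to/bakfile
    local f="$1" tab mode header count
    tab=$(printf '\t')
    [ -f "$f" ] || { echo "missing dump: $f" >&2; return 1; }
    [ -f "$f.dump_ok" ] || { echo "no $f.dump_ok: dump did not complete" >&2; return 1; }
    mode=$(stat -c '%a' "$f" 2>/dev/null || stat -f '%Lp' "$f")
    case "$mode" in
        600|400) ;;
        *) echo "$f is mode $mode, want 0600" >&2; return 1 ;;
    esac
    header=$(head -n 1 "$f")
    case "$header" in
        "kdb5_util load_dump version "*) ;;
        *) echo "unexpected dump header: $header" >&2; return 1 ;;
    esac
    count=$(grep -c "^princ${tab}" "$f" || true)
    [ "$count" -gt 0 ] || { echo "no principal records in $f" >&2; return 1; }
    echo "$count"
}

# Sorted principal list from the local database (run on both hosts; the source
# host's list is the second argument to restore_kdc).
list_princs() {
    kadmin.local -q listprincs | grep "@$REALM\$" | sort
}

# Load a dump on the restore host and compare the principal list with the one
# taken on the source. The stash file must hold the same master key as the
# dump's K/M entry: either copy .k5.$REALM from the source KDC, or run
# "kdb5_util create -r $REALM -s" with the same master password and enctype.
restore_kdc() {                              # usage: restore_kdc bakfile source_princs.txt
    local dump="$1" src_list="$2" restored
    verify_dump "$dump" >/dev/null || return 1
    [ -f "$KDC_DIR/.k5.$REALM" ] || { echo "no stash file $KDC_DIR/.k5.$REALM" >&2; return 1; }
    kdb5_util load -verbose "$dump" || return 1
    restored=$(mktemp)
    list_princs > "$restored"
    diff "$src_list" "$restored" && echo "principal lists match"
}

# Constructed sample dump for offline testing of verify_dump. Only the record
# prefix matters to the check; the field values are placeholders, not real
# key data and not the real field layout of a kdb5_util dump.
write_sample_dump() {                        # usage: write_sample_dump /tmp/x/bakfile
    local f="$1"
    printf 'kdb5_util load_dump version 7\n' > "$f"
    printf 'princ\t38\t21\t1\t1\t0\tK/M@%s\t...\n' "$REALM" >> "$f"
    printf 'policy\tdefault\t0\t0\t0\t0\t0\n' >> "$f"
    printf 'princ\t38\t21\t1\t1\t0\tadmin/admin@%s\t...\n' "$REALM" >> "$f"
    printf 'princ\t38\t21\t1\t1\t0\tdengsc@%s\t...\n' "$REALM" >> "$f"
    chmod 600 "$f"
    : > "$f.dump_ok"
}
```

Run backup_kdc and list_princs on the source KDC, copy bakfile together with the source principal list, then run restore_kdc on the target; a missing .dump_ok, a loose file mode or a missing stash file stops the procedure before kdb5_util load touches the database.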
Run kinit in debug mode (fails)
# authenticate
$ kinit -kt dengsc.keytab dengsc
kinit: Generic error (see e-text) while getting initial credentials

# debug output
$ KRB5_TRACE=/dev/stderr kinit -C admin/admin@HADOOP.COM
[158565] 1505798208.611471: Getting initial credentials for admin/admin@HADOOP.COM
[158565] 1505798208.611939: Sending request (174 bytes) to HADOOP.COM
[158565] 1505798208.612140: Resolving hostname nfjd-hadoop02-node177.jpushoa.com
[158565] 1505798208.612715: Initiating TCP connection to stream 192.168.254.226:88
[158565] 1505798208.612817: Sending TCP request to stream 192.168.254.226:88
[158565] 1505798208.613136: Received answer (175 bytes) from stream 192.168.254.226:88
[158565] 1505798208.613156: Terminating TCP connection to stream 192.168.254.226:88
[158565] 1505798208.613217: Response was not from master KDC
[158565] 1505798208.613268: Received error from KDC: -1765328324/Generic error (see e-text)
[158565] 1505798208.613310: Retrying AS request with master KDC
[158565] 1505798208.613328: Getting initial credentials for admin/admin@HADOOP.COM
[158565] 1505798208.613391: Sending request (174 bytes) to HADOOP.COM (master)
kinit: Generic error (see e-text) while getting initial credentials

關(guān)于報(bào)錯(cuò)社區(qū)回答:https://bugzilla.redhat.com/show_bug.cgi?id=1184628

redhat版本bug:"Principal canonicalization does not work for principals in IPA realm"

Install ipa-server
$ sudo yum install ipa-server
$ rpm -qa | grep ipa-server
ipa-server-4.5.0-21.el7.centos.1.2.x86_64
ipa-server-common-4.5.0-21.el7.centos.1.2.noarch
Run the authentication again (passes)
$ kinit admin/admin
Password for admin/admin@HADOOP.COM: 
$ klist
Ticket cache: FILE:/tmp/krb5cc_2190
Default principal: admin/admin@HADOOP.COM

Valid starting       Expires              Service principal
09/19/2017 13:21:11  09/20/2017 13:21:11  krbtgt/HADOOP.COM@HADOOP.COM
    renew until 09/26/2017 13:21:11
$ kdestroy