Today on r/programming: Understanding how Kerberos works, but also WHY it works the way it does. (PDF)
To change a user’s Kerberos password (on charity):
sudo kadmin -p root -w `cat /home/jj5/kadmin_root_pass` -q 'cpw eguser'
Where ‘eguser’ is the username of the account being changed.
I was getting “Failed to verify krb5 credentials: Server not found in Kerberos database” errors when trying to use Kerberos authentication in Apache2. The problem was in my /etc/hosts file. I needed to change this:
10.183.97.44 charity.progclub.org charity 18.104.22.168 charity-public
10.183.97.44 charity.progclub.org charity 22.214.171.124 charity.progclub.org charity-public
Some reading to do concerning integrating Postfix/Kerberos with LDAP: