Last updated on DECEMBER 23, 2016
Applies to:
Solaris SPARC Operating System - Version 10 1/13 U11 and laterInformation in this document applies to any platform.
Symptoms
Customer just installed solaris 10 update 11 sparc on a T5120. On Global zone kerberos works but if he creates a non-global zone (sparse or whole root) and repeat the steps to get a kerberos TGT(Ticket Granting Service), although he was prompted for his password. this is the error he was seeing:
% /bin/kinit
Password for test1@ABC.COM: <my password here>
kinit(v5): Error in the PKCS 11 library calls while getting initial credentials
this behavior is NOT reproducible under solaris 10 update 11 on the x86 architecture.
steps to reproduce:
Install solaris 10 update 11 sparc, do not install patches,create local account with username that matches user in your KDC
create /etc/krb5/krb5.conf to talk to your local KDC
test /bin/kinit
create non-global zone (both sparse and whole root should exhibit same behavior)
create same local account and krb5.conf as in the global zone
test /bin/kinit in non-global zone
Cause
Sign In with your My Oracle Support account |
|
Don't have a My Oracle Support account? Click to get started |
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms