Pkcs 11 Library Call Error In Solaris 10 Update 11 In A Non-global Zone
(Doc ID 1546486.1)
Last updated on DECEMBER 23, 2016
Applies to:Solaris SPARC Operating System - Version 10 1/13 U11 and later
Information in this document applies to any platform.
Customer just installed solaris 10 update 11 sparc on a T5120. On Global zone kerberos works but if he creates a non-global zone (sparse or whole root) and repeat the steps to get a kerberos TGT(Ticket Granting Service), although he was prompted for his password. this is the error he was seeing:
Password for test1@ABC.COM: <my password here>
kinit(v5): Error in the PKCS 11 library calls while getting initial credentials
this behavior is NOT reproducible under solaris 10 update 11 on the x86 architecture.
steps to reproduce:
Install solaris 10 update 11 sparc, do not install patches,create local account with username that matches user in your KDC
create /etc/krb5/krb5.conf to talk to your local KDC
create non-global zone (both sparse and whole root should exhibit same behavior)
create same local account and krb5.conf as in the global zone
test /bin/kinit in non-global zone
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!