How to kerberize services on Mac bound to Kerberos KDC on Linux?
You don’t need to bind a mac to use Kerberos. In fact, binding brings a whole host of issues, one of which is lack of clarity at which problem you are chasing down.
To test and validate Kerberos tickets and transactions are operational at the command line use kinit
and klist
(both of which have quite adequate manual pages that describe the detaults. You will want to point kinit
at your service principal with the -S or --service argument the first time you initialize Kerberos.)
Perhaps I don’t fully understand what you are trying to accomplish - if so, please comment and/or ask a follow on question with those details. We’re using this to great benefit at work and haven’t needed to bind any macs and have ripped out the binding on all but a few that need to share out files as servers and they don’t need kinit
or klist
- just to be bound properly one time.