Obtaining a TGT for a BMC Server Automation client (UNIX only)
Users of the BMC Server Automation Console and the
blcred utility running on a UNIX host must manually run a kinit to obtain a ticket-gathering ticket (TGT).
The TGT is the AD/Kerberos user credential that domain users must authenticate with the BMC Server Automation Authentication Service. This procedure must be performed every time a user needs a TGT on a UNIX client. If a user already has a valid TGT, this procedure is not necessary. Although the life span of a TGT is configurable, typically a TGT is valid for 10 hours.
This procedure is only necessary in UNIX environments. If you are using a Windows client, skip this procedure.
To obtain a TGT for a BMC Server Automation client
- Copy blclient_krb5.conf to /etc/krb5.conf.
- If you are not already using krb5.conf, you can replace the existing version of krb5.conf by renaming the copy of blclient_krb5.conf.
- If you already use krb5.conf, then you must integrate the contents of blclient_krb5.conf with the contents of krb5.conf.
- To obtain a TGT, run the following command:
In this command,
<utilityPath>provides the path to the
kinitutility. If you do not have
kinitinstalled, you must first obtain it. There are many online sources for Kerberos utilities such as
The user name you provide for the kinit command does not have to be fully qualified. The name you provide is associated with the client's realm, identified when you created the client's blclient_krb5.conf file.