Test network authentication service on iSeries A

You should verify that you have configured network authentication service correctly by requesting a ticket granting ticket for iSeries™ A principal:
  1. On a command line, enter QSH to start the Qshell Interpreter.
  2. Enter keytab list to display a list of principals registered in the keytab file. The following results should display: 
    Principal: krbsvr400/iseriesa.myc.com@MYCO.COM      
  Key version: 2                                                       
  Key type: 56-bit DES using key derivation                            
  Entry timestamp: 200X/05/29-11:02:58
  3. Enter kinit -k krbsvr400/iseriesa.myco.com@MYCO.COM to request a ticket-granting ticket from the Kerberos server. This command verifies that your iSeries server has been configured properly and the password in the keytab file matches the password stored on the Kerberos server. If this is successful then the QSH command will display without errors.
  4. Enter klist to verify that the default principal is krbsvr400/iseriesa.myco.com@MYCO.COM. This command displays the contents of a Kerberos credentials cache and verifies that a valid ticket has been created for the i5/OS™ service principal and placed within the credentials cache on the iSeries system.
     Ticket cache: FILE:/QIBM/USERDATA/OS400/NETWORKAUTHENTICATION/creds/krbcred
                                                                    
 Default principal: krbsvr400/iseriesa.myco.com@MYCO.COM  
                                                                            
Server: krbtgt/MYCO.COM@MYCO.COM              
  Valid 200X/06/09-12:08:45 to 20XX/11/05-03:08:45                          
$
You have completed the tasks required to configure network authentication service on iSeries A.
Parent topic: Scenario: Configure network authentication service
Previous topic: Create a home directory for users on iSeries A