Cannot resolve network address for KDC...
JJSoon
sn6130 at albany.edu
Fri Aug 23 10:27:36 EDT 2002
You are right, that was not a very detailed message -- but I did fool
around enough and get Kerberos up and running but some of the stuff I
does not make much sense to me whatsoever:
krb5.conf:
-- cut --
[libdefaults]
ticket_lifetime = 24000
default_realm = JJSOON.DOMAIN.COM
dns_lookup_realm = false
dns_lookup_kdc = false
[realms]
JJSOON.DOMAIN.COM = {
kdc = localhost
admin_server = kerberos.jjsoon.domain.com:749
default_domain = jjsoon.domain.com
}
[domain_realm]
.jjsoon.domain.com = JJSOON.DOMAIN.COM
jjsoon.domain.com = JJSOON.DOMAIN.COM
-- cut --
The realms section of the conf doesn't make much sense to me. Because
why wouldn't I be able to just put localhost one both lines or
"kerberos.jjsoon.domain.com" on both -- why does it have to be in this
order.
I did try putting localhost in both but kadmin gave the following
error message:
Bad krb5 admin server hostname while initializing kadmin interface
Then I tried putting kerberos.jjsoon.domain.com in both locations,
krb5kdc then could not resolve the KDC address. Go figure!
/etc/hosts:
9.xxx.xxx.xxx localhost.localdomain localhost
9.xxx.xxx.xxx kerberos.jjsoon.domain.com loopback localhost
Instead of using 127.0.0.1 I used the actual IP addreses.
Questions:
What's deal with my realm definition, why is it working that way?
Can this be done any neater because it looks like a confusing mess, I
feel bad for next guy that might have to muck around with this?
Good News:
It is running seems to be doing it job.
Thanks for help...
JJsoon
More information about the Kerberos
mailing list