Configuration problem

Tom Yu tlyu at MIT.EDU
Mon Jul 22 18:14:16 EDT 2002


>>>>> "brgordon" == Brett R Gordon <brgordon at andrew.cmu.edu> writes:

brgordon> As in a previous message to this list, I receive the
brgordon> following error while trying to start kadmin:

-> "Authenticating as principal root/admin at pc255.gsia.cmu.edu with  password.
-> kadmin: Required parameters in kdc.conf missing while initializing kadmin interface"

This error message is slightly misleading, as it's actually missing
parameters in krb5.conf in this case (since you're running the kadmin
client, rather than kadmin.local).

brgordon> ***krb5.conf**************

[...]

brgordon> [libdefaults]
brgordon> ticket_lifetime = 24000
brgordon> default_realm = pc255.gsia.cmu.edu

brgordon> dns_lookup_realm = false
brgordon> dns_lookup_kdc = false

brgordon> [realms]
brgordon> PC255.GSIA.CMU.EDU = {
brgordon>   kdc = pc255.gsia.cmu.edu:88
brgordon>   admin_server = pc255.gsia.cmu.edu:749
brgordon>   default_domain = cmu.edu
brgordon> }

Note that realm names are case-sensitive (as are most things in
Kerberos).  You have default_realm set to "pc255.gsia.cmu.edu"
(lowercase), while your realm stanza is for "PC255.GSIA.CMU.EDU"
(uppercase).  This results in the kadm5 client library being unable to
locate admin server information for your realm.

You should make these realm names consistent.

---Tom



More information about the Kerberos mailing list