mit kerberosv5 1.2.7 - kadmin wont connect - please help

Yan ymercier at mxtest.homedns.org
Sun Mar 30 22:55:25 EST 2003


Hi group,
    I compiled it from source on Solaris8.
I followed the installation guide, created an admin
principal, an ACL, filled krb5.conf and kdc.conf.
The installation as /opt/k5 for --prefix so I created
/opt/k5/etc and /opt/k5/var manually to put my config
files.

When starting krb5kdc this port appears :
--------------------------------------------------------
UDP: IPv4
192.168.0.8.88                              Idle
--------------------------------------------------------

and the ports for kadmind :
--------------------------------------------------------
UDP: IPv4
      *.464                                 Idle
TCP: IPv4
      *.749                *.*                0      0 24576      0 LISTEN
--------------------------------------------------------

So I assume my servers are up and running, the procs
are in ps -ef output as well.

kadmin.local works here is the getprincs output:
--------------------------------------------------------
kadmin.local:  getprincs
K/M at NEOTOKYO.COM
kadmin/admin at NEOTOKYO.COM
kadmin/changepw at NEOTOKYO.COM
kadmin/history at NEOTOKYO.COM
krbtgt/NEOTOKYO.COM at NEOTOKYO.COM
yan/admin at NEOTOKYO.COM
--------------------------------------------------------

I found while googling that someone has had this problem
before, and he was told to make sure that its host file was
configured to have the FQDN of the machine appearing first
in the host file for that IP. It didnt solved my problem.

Heres the problem :
--------------------------------------------------------
sun2# kadmin -p yan/admin at NEOTOKYO.COM
Authenticating as principal yan/admin at NEOTOKYO.COM with password.
kadmin: Cannot contact any KDC for requested realm while initializing kadmin
interface
--------------------------------------------------------

Here is my krb5.conf file :
--------------------------------------------------------
[libdefaults]
ticket_lifetime = 600
default_realm = NEOTOKYO.COM
default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc
default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc

[realms]
NEOTOKYO.COM = {
    kdc = SUN2.NEOTOKYO.COM
    admin_server = SUN2.NEOTOKYO.COM
    default_domain = NEOTOKYO.COM
}

[domain_realm]
.neotokyo.com = NEOTOKYO.COM
neotokyo.com = NEOTOKYO.COM

[logging]
kdc = FILE:/opt/k5/var/krb5kdc/kdc.log
admin_server = FILE:/opt/k5/var/krb5kdc/kadmin.log
--------------------------------------------------------

Neither kdc.log nor kadmind.log are showing anything
special, not even the connection requests.

You can reach me at ymercier at mxtest.homedns.org if you wish
to help

Yannick




More information about the Kerberos mailing list