kinit(v5): Cannot contact any KDC for requested......

muzaffar.sultan@telvent.abengoa.com muzaffar.sultan at telvent.abengoa.com
Wed Nov 12 22:54:52 EST 2003


Hi All,

This is my first email to clug. I hope there's kerberos expert on this
list.
I've been battling with kerberos issues for couple of days.

I've installed latest kerberos on RH advance server according to
documentation.
Everything seems ok but kerberos client apps like kinit are not working.

I could run kadmin.local. All important principals are created as well.

I logged in as root on the same machine where master kdc is running. I've
setup DNS as well but no success.

I noticed one thing: I did not create principal for root at RTDLINUX.COM. When
I ran kinit, this is the message I got in krb4kdc.log file:

Nov 11 15:06:01 kerberos krb5kdc[26446](info): AS_REQ (6 etypes {18 16 23 1
3 2}) 128.1.1.70: CLIENT_NOT_FOUND: root at RTDLINUX.COM for
krbtgt/RTDLINUX.COM at RTDLINUX.COM, Client not found in Kerberos database
Nov 11 15:06:01 kerberos krb5kdc[26446](info): DISPATCH: repeated
(retransmitted?) request from 128.1.1.70, resending previous response

When I created this principal, krb5kdc dies silently (no message in log).
It seems like kinit is communicating with kdc but somehow krb5kdc process
crashes.

when I run kinit. kinit complains with this error:
kinit(v5): Cannot contact any KDC for requested realm while getting initial
credentials

Here's my krb5.conf file:
[root at kerberos krb5kdc]# more /etc/krb5.conf
[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 ticket_lifetime = 24000
 default_realm = RTDLINUX.COM
 dns_lookup_realm = false
 dns_lookup_kdc = false

[realms]
 RTDLINUX.COM = {
  kdc = kerberos.rtdlinux.com:88
  admin_server = kerberos.rtdlinux.com:749
  default_domain = rtdlinux.com
 }

[domain_realm]
 .rtdlinux.com = RTDLINUX.COM
 rtdlinux.com = RTDLINUX.COM


[kdc]
 profile = /usr/local/var/krb5kdc/kdc.conf

[pam]
 debug = false
 ticket_lifetime = 36000
 renew_lifetime = 36000
 forwardable = true
 krb4_convert = false

Here's kdc.conf file contents:
[root at kerberos krb5kdc]# more /usr/local/var/krb5kdc/kdc.conf
[kdcdefaults]
        kdc_ports = 88,750

[realms]
        RTDLINUX.COM = {
                database_name = /usr/local/var/krb5kdc/principal
                admin_keytab = /etc/krb5.keytab
                acl_file = /usr/local/var/krb5kdc/kadm5.acl
                key_stash_file = /usr/local/var/krb5kdc/.k5.RTDLINUX.COM
                kadmin_port = 749
                kdc_ports = 88,750
                max_life = 10h 0m 0s
                max_renewable_life = 7d 0h 0m 0s
                master_key_type = des3-hmac-sha1
                supported_enctypes = des3-hmac-sha1:normal
des-cbc-crc:normal
        }

These are the principals:
K/M at RTDLINUX.COM
kadmin/admin at RTDLINUX.COM
kadmin/changepw at RTDLINUX.COM
kadmin/history at RTDLINUX.COM
krbtgt/RTDLINUX.COM at RTDLINUX.COM
muzaffar/admin at RTDLINUX.COM
root at RTDLINUX.COM

Please help me if anybody has any clue.

Thanks in advance.
_________________________________________________________
Muzaffar Sultan--Telvent
muzaffar.sultan at telvent.abengoa.com
Ph: (403)-301-5020









More information about the Kerberos mailing list