kinit(v5): Cannot contact any KDC for requested......
muzaffar.sultan@telvent.abengoa.com
muzaffar.sultan at telvent.abengoa.com
Wed Nov 12 22:54:52 EST 2003
Hi All,
This is my first email to clug. I hope there's kerberos expert on this
list.
I've been battling with kerberos issues for couple of days.
I've installed latest kerberos on RH advance server according to
documentation.
Everything seems ok but kerberos client apps like kinit are not working.
I could run kadmin.local. All important principals are created as well.
I logged in as root on the same machine where master kdc is running. I've
setup DNS as well but no success.
I noticed one thing: I did not create principal for root at RTDLINUX.COM. When
I ran kinit, this is the message I got in krb4kdc.log file:
Nov 11 15:06:01 kerberos krb5kdc[26446](info): AS_REQ (6 etypes {18 16 23 1
3 2}) 128.1.1.70: CLIENT_NOT_FOUND: root at RTDLINUX.COM for
krbtgt/RTDLINUX.COM at RTDLINUX.COM, Client not found in Kerberos database
Nov 11 15:06:01 kerberos krb5kdc[26446](info): DISPATCH: repeated
(retransmitted?) request from 128.1.1.70, resending previous response
When I created this principal, krb5kdc dies silently (no message in log).
It seems like kinit is communicating with kdc but somehow krb5kdc process
crashes.
when I run kinit. kinit complains with this error:
kinit(v5): Cannot contact any KDC for requested realm while getting initial
credentials
Here's my krb5.conf file:
[root at kerberos krb5kdc]# more /etc/krb5.conf
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
ticket_lifetime = 24000
default_realm = RTDLINUX.COM
dns_lookup_realm = false
dns_lookup_kdc = false
[realms]
RTDLINUX.COM = {
kdc = kerberos.rtdlinux.com:88
admin_server = kerberos.rtdlinux.com:749
default_domain = rtdlinux.com
}
[domain_realm]
.rtdlinux.com = RTDLINUX.COM
rtdlinux.com = RTDLINUX.COM
[kdc]
profile = /usr/local/var/krb5kdc/kdc.conf
[pam]
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
Here's kdc.conf file contents:
[root at kerberos krb5kdc]# more /usr/local/var/krb5kdc/kdc.conf
[kdcdefaults]
kdc_ports = 88,750
[realms]
RTDLINUX.COM = {
database_name = /usr/local/var/krb5kdc/principal
admin_keytab = /etc/krb5.keytab
acl_file = /usr/local/var/krb5kdc/kadm5.acl
key_stash_file = /usr/local/var/krb5kdc/.k5.RTDLINUX.COM
kadmin_port = 749
kdc_ports = 88,750
max_life = 10h 0m 0s
max_renewable_life = 7d 0h 0m 0s
master_key_type = des3-hmac-sha1
supported_enctypes = des3-hmac-sha1:normal
des-cbc-crc:normal
}
These are the principals:
K/M at RTDLINUX.COM
kadmin/admin at RTDLINUX.COM
kadmin/changepw at RTDLINUX.COM
kadmin/history at RTDLINUX.COM
krbtgt/RTDLINUX.COM at RTDLINUX.COM
muzaffar/admin at RTDLINUX.COM
root at RTDLINUX.COM
Please help me if anybody has any clue.
Thanks in advance.
_________________________________________________________
Muzaffar Sultan--Telvent
muzaffar.sultan at telvent.abengoa.com
Ph: (403)-301-5020
More information about the Kerberos
mailing list