Kerberos configuration with external DNS server.

Douglas E. Engert deengert at anl.gov
Thu May 27 22:26:57 EDT 2004



sam wrote:
> 
> Hi,
> 
> does anyone know why I get the following error:
> root at fbsd [10:56am] [~]# kinit tillman
> tillman at ROCK.COM's Password:
> kinit: krb5_get_init_creds: unable to reach any KDC in realm ROCK.COM
> root at fbsd [10:57am] [~]#
> 
> I have written the following kerberos lines in a seperate DNS server:
> 
> kerberos                CNAME 192.168.1.1
> 
> _kerberos               IN TXT  ROCK.COM
> _kerberos._udp          IN SRV  0 0 88 kerberos.rock.com

Try 

_kerberos._udp.rock.com.  IN SRV 0 0 88 kerberos.rock.com




> _kerberos-master._udp   IN SRV  0 0 88 kerberos.rock.com
> _kerberos-adm._tcp      IN SRV  0 0 749 kerberos.rock.com
> _kpasswd._udp           IN SRV  0 0 464 kerberos.rock.com


Try nslookup
 set type=ANY
 _kerberos._udp.rock.com 

and see if your DNS server has the SRV records. 
>From what I see from here, it does not. 


> 
> but pinging from another machine to kerberos server is failed, I m not
> sure if this is the problem. What is the correct way to setup DNS to
> include kerberos configuratoin?
> 
> Thanks
> sam
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos

-- 

 Douglas E. Engert  <DEEngert at anl.gov>
 Argonne National Laboratory
 9700 South Cass Avenue
 Argonne, Illinois  60439 
 (630) 252-5444


More information about the Kerberos mailing list