Missing parms in kdc.conf

Mark Sellers contact at reef-rats.com
Tue Nov 23 02:21:06 EST 2004 

Thanks, Bob, but none of those suggestions worked.  I even took
the time to systematically add all options to both the krb5.conf
and kdc.conf files to see what it was missing, and kadmind is
still complaining.

The only thing I can figure now is that there's some special
option required based on some lib I have loaded.  For example, if
I remove the MD5 encryption types from kdc.conf, it complains
that it cannot set GSS-API authentication names.  The Kerberos
related libs I have loaded include:
- libsasl2
- libsasl2-gssapi-mit
- libkadm55
- libkrb53

Does this info spark any ideas?

Thanks,
Mark


On Tue, 23 Nov 2004 00:14:27 -0500, bob <bob at cox.net> wrote:

> Mark Sellers wrote:
> 
> > It's finding my kdc.conf without this entry.  I know this because
> > I can add garbage to my kdc.conf and it will fail to parse it.
> > However, just to be sure, I added the [kdc] section with a
> > profile key, and I receive the same error.
> > 
> > I read in some news post that the error could also apply to
> > missing parameters in the krb5.conf file (i.e. the error text is
> > wrong).  Still, I don't see what is missing.  I'm bewildered on
> > this one.  It's gotta be something simple.
> > 
> > For reference, I'm running a 2.6.6 kernel (Debian) with Kerberos
> > 5 version 1.3.4-4.
> > 
> > Thanks for the input.  Do you have any other suggestions?
> > 
> > -Mark
> > 
> > On Mon, 22 Nov 2004 22:11:08 -0500, bob <bob at cox.net> wrote:
> > 
> > 
> >>Mark Sellers wrote:
> >>
> >>>I am getting the following Kerberos 5 error:
> >>>
> >>>kadmind: Required parameters in kdc.conf missing while
> >>>initializing, aborting
> >>>
> >>>I have tried all the obvious things like reading man pages, admin
> >>>guides, and searching the web for examples.  I have also tried
> >>>plenty of trial and error, but to no avail.  Can someone please
> >>>point me in the right direction for solving this [presumably]
> >>>simple problem.
> >>>
> >>>Conf files follow.  I have replaced my domain name with FOO.
> >>>
> >>>Regards,
> >>>Mark
> >>>
> >>
> >>Is your kdc.conf file in the default location?  If not you can add the 
> >>following to your krb5.conf:
> >>
> >>[kdc]
> >>	profile = /path/to/kdc.conf
> > 
> > 
> 
> Caught something else try this in your krb5.conf:
> 
> [domain_realm]
> 	foo = FOO
> 	.foo = FOO
>

More information about the Kerberos mailing list