validating keytab files: Cannot find KDC for requested realm whilegetting initial credentials

Frank Balluffi frank.balluffi at db.com
Tue Oct 26 16:39:22 EDT 2004


I am able to validate (test) keytab files for service1/host1.us.foo.com at FOO.COM and service2/host2.us.foo.com at FOO.COM using the command "kinit -5 -k -t keytab-file service-principal" from host1.us.foo.com, but when I try to validate a keytab file for service3/host3.au.foo.com at FOO.COM from host1.us.foo.com I get the following error:

kinit(v5): Cannot find KDC for requested realm while getting initial credentials

krb5.conf says:

[realms]
    FOO.COM = {
        kdc = ...foo.com:88
        ...
   }

[domain_realm]
    .foo.com = FOO.COM

Is this behavior expected? Do I need to be "on" a host in .au.foo.com to validate a keytab for service3/host3.au.foo.com at FOO.COM? Thanks.

Frank


--

This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden.




More information about the Kerberos mailing list