validating keytab files: Cannot find KDC for requested realm whilegetting initial credentials
Frank Balluffi
frank.balluffi at db.com
Tue Oct 26 21:29:02 EDT 2004
Adding "dns_lookup_kdc = true" to the [libdefaults] section of krb5.conf seems to fix the problem.
Frank
"Frank Balluffi"
<frank.balluffi+exter To: kerberos at mit.edu
nal at db.com> cc:
Sent by: Subject: validating keytab files: Cannot find KDC for requested realm
kerberos-bounces at mit. whilegetting initial credentials
edu
10/26/2004 04:39 PM
I am able to validate (test) keytab files for service1/host1.us.foo.com at FOO.COM and service2/host2.us.foo.com at FOO.COM using the command "kinit -5 -k -t keytab-file service-principal" from host1.us.foo.com, but when I try to validate a keytab file for service3/host3.au.foo.com at FOO.COM from host1.us.foo.com I get the following error:
kinit(v5): Cannot find KDC for requested realm while getting initial credentials
krb5.conf says:
[realms]
FOO.COM = {
kdc = ...foo.com:88
...
}
[domain_realm]
.foo.com = FOO.COM
Is this behavior expected? Do I need to be "on" a host in .au.foo.com to validate a keytab for service3/host3.au.foo.com at FOO.COM? Thanks.
Frank
--
This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden.
________________________________________________
Kerberos mailing list Kerberos at mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
--
This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden.
More information about the Kerberos
mailing list