Cannot resolve network address for KDC in requested realm while getting initial credentials
Douglas E. Engert
deengert at anl.gov
Tue Feb 1 13:48:09 EST 2005
d_moor at yahoo.com wrote:
> Sorry, version pasted wasn't edited properly. There were some other
> errors which I fixed. I seem to have narrowed the problem down. kinit
> -k is finding the AD domain controller which created the keytab. It
> is, however, using the wrong principal. If I do a kinit -k
> ADhost.keytab
You need the -t option:
kinit -k -t ADhost.keytab
>
> strace on the RedHat 2.4.9 system shows:
>
> ethereal protocol KRB5 AS-REQ
> Kerberos
> Version: 5
> MSG Type: AS-REQ
> Request
> Options: 0000000000
> Client Name: ADhost.keytab
> Type: Principal
> Name: ADhost.keytab
> Realm: ADDOMAIN.COM
> Server Name: krbtgt
> Type: Unknown
> Name: krbtgt
> Name: ADDOMAIN.COM
> Start Time: 2005-01-31 21:21:33 (Z)
> End Time: 2005-02-01 07:21:33 (Z)
> Random Number: 1107206493
> Encryption Types
> Type: des3-cbc-sha1
> Type: des-cbc-md5
> Type: des-cbc-crc
> Addresses
> Type: IPv4
> Value: 165.2.18.5
>
> Kerberos
> Version: 5
> MSG Type: KRB-ERROR
> stime: 2005-01-31 21:26:39 (Z)
> susec: 349682
> Error Code: KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN
> realm: ADDOMAIN.COM
> sname: krbtgt
> Type: Unknown
> Name: krbtgt
> Name: ADDOMAIN.COM
>
> So it is taking the keytab file name for some reason for the principal
> name. I tried renaming ADhost.keytab ADhost, but now I get a
> segmentation fault.
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
>
>
--
Douglas E. Engert <DEEngert at anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
More information about the Kerberos
mailing list