KADMIN error

Kim Sassaman kim.sassaman at ins.com
Tue Jan 11 15:48:18 EST 2005 

Issuing the following command on my KDC I get the following output:

 

[root at hosthidden root]# kadmin

Authenticating as principal userhidden/admin at EXAMPLE.COM with password.

kadmin: Database error! Required KADM5 principal missing while initializing
kadmin interface

[root at hosthidden root]# kadmin.local

Authenticating as principal userhidden/admin at EXAMPLE.COM with password.

kadmin.local:  exit

[root at hosthidden root]#

 

Log output

 

Jan 11 20:38:01 hosthidden krb5kdc[1564](info): AS_REQ (3 etypes {16 3 1})
x.x.x.x(88): SERVER_NOT_FOUND: userhidden/admin at EXAMPLE.COM for
kadmin/admin at EXAMPLE.COM, Server not found in Kerberos database

 

Krb5.conf

 

[logging]

 default = FILE:/var/log/krb5libs.log

 kdc = FILE:/var/log/krb5kdc.log

 admin_server = FILE:/var/log/kadmind.log

 

[libdefaults]

 ticket_lifetime = 24000

 default_realm = EXAMPLE.COM

 dns_lookup_realm = true

 dns_lookup_kdc = true

 

[realms]

 EXAMPLE.COM = {

  kdc = hosthidden.example.com

  admin_server = hosthidden.example.com

  default_domain = example.com

 }

 

[domain_realm]

 .example.com = EXAMPLE.COM

 example.com = EXAMPLE.COM

 

[kdc]

 profile = /var/kerberos/krb5kdc/kdc.conf

 

[appdefaults]

 pam = {

   debug = false

   ticket_lifetime = 36000

   renew_lifetime = 36000

   forwardable = true

   krb4_convert = false

 }

 

Kdc.conf

 

[kdcdefaults]

 acl_file = /var/kerberos/krb5kdc/kadm5.acl

 dict_file = /usr/share/dict/words

 admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab

kdc_ports = 88

 v4_mode = nopreauth

 

[realms]

EXAMPLE.COM = {

  master_key_type = des-cbc-crc

  supported_enctypes = des3-cbc-sha1:normal des3-cbc-sha1:norealm
des3-cbc-sha1:onlyrealm des-cbc-crc:v4 des-cbc-crc:afs3 des-cbc-crc:normal
des-cbc-crc:norealm des-cbc-crc:onlyrealm des-cbc-md4:v4 des-cbc-md4:afs3
des-cbc-md4:normal des-cbc-md4:norealm des-cbc-md4:onlyrealm des-cbc-md5:v4
des-cbc-md5:afs3 des-cbc-md5:normal des-cbc-md5:norealm
des-cbc-md5:onlyrealm des-cbc-sha1:v4 des-cbc-sha1:afs3 des-cbc-sha1:normal
des-cbc-sha1:norealm des-cbc-sha1:onlyrealm

 }

 

 

/etc/hosts/

 

# Do not remove the following line, or various programs

# that require network functionality will fail.

127.0.0.1               localhost.localdomain localhost

x.x.x.x          hosthidden.example.com

 

resolv.conf

domain example.com

search example.com phx-dc.example.com ncc.example.com

nameserver x.x.x.x

nameserver x.x.x.x

nameserver x.x.x.x

 

Please help.

 

Kim Sassaman

CISSP CCNP

"Research is what I am doing when I am not sure what I am doing" - Wernher
Von Braun

More information about the Kerberos mailing list