Cannot resolve network address for KDC in requested realm while getting initial credentials

David.Moor@oracle.com David.Moor at oracle.com
Thu Jan 20 18:06:39 EST 2005


On Red Hat linux 2.4.9
krb5-devel-1.2.2-24
krb5-libs-1.2.2-24
krb5-server-1.2.2-24
krb5-workstation-1.2.2-24
running everything on the local host

I can run kinit.just fine:

kinit test
Password for test at host.COM:

I can create a keytab file:

kadmin.local:  ktadd -k /var/kerberos/krb5kdc/kadm5test test
Entry for principal test with kvno 5, encryption type Triple DES cbc
mode with       HMAC/sha1 added to keytab
WRFILE:/var/kerberos/krb5kdc/kadm5test.
Entry for principal test with kvno 5, encryption type DES cbc mode
with CRC-32    added to keytab WRFILE:/var/kerberos/krb5kdc/kadm5test.

However, I can't kinit using this keytab file:

[root at host/var/kerberos/krb5kdc]$ kinit -k kadm5test
kinit(v5): Cannot resolve network address for KDC in requested realm
while getting initial credentials

klist shows:

[root at bde-idm3 /var/kerberos/krb5kdc]$ klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: test at BDE-IDM3.US.ORACLE.COM

Valid starting     Expires            Service principal
01/20/05 14:53:59  01/21/05 00:53:59      krbtgt/HOST.COM at HOST.COM


Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached

A secondary problem is now the password seems to have been changed
after creating the keytab, and I can no longer kinit (without the
keytab):

[root at host /var/kerberos/krb5kdc]$ kinit test
Password for test at host.US.ORACLE.COM:
kinit(v5): Password incorrect while getting initial credentials

For testing purposes I'm using my hostname as my realm name.  I've
tried logging in as root and as test, but get the same result.



More information about the Kerberos mailing list