kadmin: Cannot contact any KDC for requested realm while initializing kadmin interface
bigwhite
bigwhite at gmail.com
Wed Oct 26 12:55:07 EDT 2005
Thank you, Kevin.
After I did a few google search, i got the solution.
Loopback address is not able to do kdc resolution, a mapping from
*REAL* ip address to the full qualified hostname is required to get
kadmin and kinit work. Please see below:
======================old /etc/hosts ===========================
127.0.0.1 mykdc.krb.com localhost.localdomain localhost mykdc
======================new /etc/hosts ===========================
10.195.3.99 mykdc.krb.com
127.0.0.1 localhost.localdomain localhost mykdc
Thanks,
yizeng
Kevin Coffman wrote:
> I would suspect a simple error in the configuration of your local
> realm in /etc/krb5.conf, or a DNS issue.
>
> Can you post your /etc/krb5.conf ?
>
> On 10/26/05, yi zeng <bigwhite at gmail.com> wrote:
> > Hi, there,
> > I set up a MIT Kerberos 5 master kdc on a pc in a private domain. I have
> > /etc/hosts mapping hostname of the pc to its ip address and /etc/krb5.conf
> > pointing kdc to the host name, which i believe correctly set.
> > The problem is that, I can do kadmin.local but I just couldn't do kadmin.
> > It always complains:
> > kadmin: Cannot contact any KDC for requested realm while initializing kadmin
> > interface
> > kinit with no parameters reports the similar error:
> > kinit(v5): Cannot contact any KDC for requested realm while getting initial
> > credentials
> > but kinit works if I supply a principal from another realm (that realm and
> > its kdc is also set in /krb5.conf).
> > I am confused that why kinit and kadmin just couldn't work in local realm?
> > Is this a feature or I missed any setting issues?
> > Thank you very much.
> > yizeng
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
More information about the Kerberos
mailing list