krb5kdc:Unable to access Kerberos database while initializing

=?GB2312?B?1Kq7qtC7?= xyh2029 at gmail.com
Thu Nov 22 04:53:04 EST 2007


Hello, group:
    I have installed kerberos v1.6.3 on my freebsd, and taken openldap with
back_bdb as the back database. After I finished the krb5.conf and
kdc.conf,I began
to start krb5kdc, but I got an error, and the message was "krb5kdc:Unable to
access Kerberos database". I have checked the configuration and
openldap several times, and it seems that the openldap worked normally, but
unfoturnately, krb5kdc still can't work, and I get the same error message. I
can not find the way to deal with the issue till right now.

my krb.conf:
[libdefaults]
        default_realm = EXAMPLE.COM

        default_keytab_name = /etc/krb5.keytab
        default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc
        default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc
        dns_lookup_kdc = true

[realms]
        EXAMPLE.COM = {
                admin_server = kerberos.example.com:749
                default_domain = example.com
                kdc = kerberos.example.com:88
                database_module = ldapconf
        }

[domain_realm]
        .example.com = EXAMPLE.COM
        example.com = EXAMPLE.COM

[logging]
        kdc = FILE:/var/log/kdc.log
        admin_server = FILE:/var/log/kadmin.log
        default = FILE:/var/log/kerberos.log

[dbdefaults]
        ldap_kerberos_container_dn = cn=kerberos,dc=example,dc=com
        database_module = ldapconf

[dbmodules]
        db_module_dir = /usr/local/lib/krb5/plugins/kdb
        ldapconf = {
        db_library = kldap
        ldap_server = ldap://kerberos.example.com:389
        ldap_kerberos_container_dn = cn=kerberos,dc=example,dc=com
        ldap_kdc_dn = cn=kadmin,dc=example,dc=com
        ldap_kadmind_dn = cn=kadmin,dc=example,dc=com
        ldap_service_password_file = /usr/local/var/krb5kdc/service.keyfile
        ldap_conns_per_server = 5
        }

my kdc.conf:

[kdcdefaults]
        kdc_ports = 88

[realms]
        EXAMPLE.COM = {
                kadmind_port = 749
                acl_file = /usr/local/var/krb5kdc/kadm5.acl
                kdc_ports = 88
                max_life = 10h 0m 0s
                max_renewable_life = 7d 0h 0m 0s
        }

Where is the issue? Thank you very much!

Yuanhua



More information about the Kerberos mailing list