kinit ignores kdc in config file on Mac 10.5
petesea@bigfoot.com
petesea at bigfoot.com
Fri Nov 7 02:46:25 EST 2008
I have a user with a Mac 10.5 system and it SEEMS like kinit is ignoring
the kdc entries in the config file. Instead it APPEARS to do a DNS query
for the realm and then uses the A records returned and sends the kerberos
request packets to them. The result is kinit takes a while and eventually
fails with:
Kerberos Login Failed: Cannot contact any KDC for requested realm
I'm quite sure it's reading the config file because I've run kinit via
dtruss and see it opening the config file and reading it.
I've tried disabling dns lookups in the config file, by setting both
dns_lookup_kdc and dns_lookup_realm to false, but that doesn't make a
difference.
There are many other Mac 10.5 users that work fine using exactly the same
config file, so it must be some setting on this particular Mac, but I'm
out of ideas where to look.
Thanks for any help.
More information about the Kerberos
mailing list