MIT Kerberos: Cannot resolve network address for KDC in realm

Rob isanamespace at gmail.com
Thu Apr 30 09:03:16 EDT 2009


Hi:

I've been having a hard time getting MIT Kerberos up and running on
solaris 10.

The latest of my problems is this error when i run kinit from the KDC.

dsldap01$ /krb5/bin/kinit rob/admin at alezeo.com
kinit(v5): Cannot resolve network address for KDC in realm alezeo.com
while getting initial credentials

This sounds like a DNS problem, but I don't think it is.

dsldap01$ host -t A dsldap01.alezeo.com
dsldap01.alezeo.com has address 10.93.120.72

Also in my hosts file:
127.0.0.1       localhost
10.93.120.72    dsldap01.alezeo.com        dsldap01        loghost

Here is my krb5.conf
=============
[libdefaults]
        dns_lookup_realm = false
        default_realm = ALEZEO.COM
        ticket_lifetime = 600
        kdc_req_checksum_type = 2
        checksum_type = 2
        ccache_type = 1
        default_tkt_enctypes = des-cbc-crc
        default_tgs_enctypes = des-cbc-crc

[kdc]
        profile = /krb5/var/krb5kdc/kdc.conf


[logging]
        default = FILE:/var/krb5/kdc.log
        kdc = FILE:/var/krb5/kdc.log
        admin_server = FILE:/var/krb5/adm.log

[realms]
        ALEZEO.COM = {
                kdc = dsldap01.alezeo.com:88
                admin_server = dsldap01.alezeo.com:749
                default_domain = alezeo.com
        }

[domain_realm]
        .alezeo.com = ALEZEO.COM
        alezeo.com = ALEZEO.COM

[login]
    krb4_convert = 0


Here is my kdc.conf
============
[kdcdefaults]
        kdc_ports = 88

[realms]
        alezeo.com = {
                profile = /etc/krb5.conf
                database_name = /krb5/var/krb5kdc/principal
                admin_database_name = /krb5/var/krb5kdc/kadm5_adb
                admin_database_lockfile = /krb5/var/krb5kdc/
kadm5_adb.lock
                admin_keytab = FILE:/krb5/var/krb5kdc/kadm5.keytab
                acl_file = /krb5/var/krb5kdc/kadm5.acl
                kdc_ports = 88
                kadmind_port = 749
                max_life = 10h 0m 0s
                max_renewable_life = 7d 0h 0m 0s
                master_key_type = des-cbc-crc
                supported_enctypes = des-cbc-crc:normal des:v4
        }


Any suggestions are appreciated!

TIA!



More information about the Kerberos mailing list