Problem in get ticket from Kerberos

Bruno Steven aspenbr at gmail.com
Tue Aug 11 05:32:28 EDT 2009


Hello

I have problem for get tickets from kerberos in my Centos 5.2, when I type
this command /usr/local/kerberos/bin/kinit admin at LABCOM.UNASP
Show this message

kinit(v5): Cannot resolve network address for KDC in realm LABCOM.UNASP
while getting initial credentials

I don´t understand why this message !!! My DNS is work , I can resolve the
domain (LABCOM.UNASP)

 nslookup  labcom.unasp
Server:         192.168.4.66
Address:        192.168.4.66#53

Name:   labcom.unasp
Address: 192.168.4.2


My DNS server is on Windows 2003 Server , this command kinit was tested from
the server Linux with Centos 5.2 using version keberos 1.6 of MIT , follow I
paste kr5b.conf

[libdefaults]
    # determines your default realm name
    default_realm = LABCOM.UNASP
    default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
    default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
    permitted_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
    kdc_timesync = 1
    ccache_type = 4
    forwardable = true
    proxiable = true

[realms]
    LABCOM.UNASP = {
        # specifies where the servers are and on
        # which ports they listen (88 and 749 are
        # the standard ports)
        kdc = kdc.AmbLivre:88
        admin_server = kdc.AmbLivre:749
        default_domain = labcom.unasp
  }

[domain_realm]
    # maps your DNS domain name to your Kerberos
    # realm name
    .labcom.unasp  = LABCOM.UNASP
    labcom. = LABCOM.UNASP
[kdc]
    profile = /var/kerberos/krb5kdc/kdc.conf
[logging]
    # determines where each service should write its
    # logging info
    kdc = SYSLOG:INFO:DAEMON
    admin_server = SYSLOG:INFO:DAEMON
    default = SYSLOG:INFO:DAEMON


and kdc.conf

[kdcdefaults]
 v4_mode = nopreauth
 kdc_tcp_ports = 750,88

[realms]
 LABCOM.UNASP = {
  database_name = /var/kerberos/krb5kdc/principal
  key_stash_file = /var/kerberos/krb5kdc/.k5.LABCOM.UNASP
  master_key_type = des3-hmac-sha1
  acl_file = /var/kerberos/krb5kdc/kadm5.acl
  dict_file = /usr/share/dict/words
  admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
  supported_enctypes = des3-hmac-sha1:normal arcfour-hmac:normal
des-hmac-sha1:normal des-cbc-md5:normal des-cbc-crc:normal des-cbc-crc:v4
des-cbc-crc:a
fs3
  kdc_ports = 750,88
  max_file = 10h 0m 0s
  max_renewable_life = 7d 0h 0m 0s
}

I try resolv but I can´t  resolve this problem , somebody can helpme get
ticket from keberos !!!

Thanks

-- 
Bruno Steven - Administrador de sistemas.
LPIC-1 - LPI ID: lpi000119659 / Code: p2e4wz47e4
https://www.lpi.org/caf/Xamman/certification

MCP-Windows 2003 - TranscriptID: 793804 / Access Code: 080089100
https://mcp.microsoft.com/authenticate/validatemcp.aspx



More information about the Kerberos mailing list