Problem in get ticket from Kerberos
Bruno Steven
aspenbr at gmail.com
Tue Aug 11 05:32:28 EDT 2009
Hello
I have problem for get tickets from kerberos in my Centos 5.2, when I type
this command /usr/local/kerberos/bin/kinit admin at LABCOM.UNASP
Show this message
kinit(v5): Cannot resolve network address for KDC in realm LABCOM.UNASP
while getting initial credentials
I don´t understand why this message !!! My DNS is work , I can resolve the
domain (LABCOM.UNASP)
nslookup labcom.unasp
Server: 192.168.4.66
Address: 192.168.4.66#53
Name: labcom.unasp
Address: 192.168.4.2
My DNS server is on Windows 2003 Server , this command kinit was tested from
the server Linux with Centos 5.2 using version keberos 1.6 of MIT , follow I
paste kr5b.conf
[libdefaults]
# determines your default realm name
default_realm = LABCOM.UNASP
default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
permitted_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
[realms]
LABCOM.UNASP = {
# specifies where the servers are and on
# which ports they listen (88 and 749 are
# the standard ports)
kdc = kdc.AmbLivre:88
admin_server = kdc.AmbLivre:749
default_domain = labcom.unasp
}
[domain_realm]
# maps your DNS domain name to your Kerberos
# realm name
.labcom.unasp = LABCOM.UNASP
labcom. = LABCOM.UNASP
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[logging]
# determines where each service should write its
# logging info
kdc = SYSLOG:INFO:DAEMON
admin_server = SYSLOG:INFO:DAEMON
default = SYSLOG:INFO:DAEMON
and kdc.conf
[kdcdefaults]
v4_mode = nopreauth
kdc_tcp_ports = 750,88
[realms]
LABCOM.UNASP = {
database_name = /var/kerberos/krb5kdc/principal
key_stash_file = /var/kerberos/krb5kdc/.k5.LABCOM.UNASP
master_key_type = des3-hmac-sha1
acl_file = /var/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
supported_enctypes = des3-hmac-sha1:normal arcfour-hmac:normal
des-hmac-sha1:normal des-cbc-md5:normal des-cbc-crc:normal des-cbc-crc:v4
des-cbc-crc:a
fs3
kdc_ports = 750,88
max_file = 10h 0m 0s
max_renewable_life = 7d 0h 0m 0s
}
I try resolv but I can´t resolve this problem , somebody can helpme get
ticket from keberos !!!
Thanks
--
Bruno Steven - Administrador de sistemas.
LPIC-1 - LPI ID: lpi000119659 / Code: p2e4wz47e4
https://www.lpi.org/caf/Xamman/certification
MCP-Windows 2003 - TranscriptID: 793804 / Access Code: 080089100
https://mcp.microsoft.com/authenticate/validatemcp.aspx
More information about the Kerberos
mailing list