Error when creating realm in openldap

Ethan Koh ethankoh82 at gmail.com
Mon Nov 7 19:49:13 EST 2011


The "hostname" command outputs "ubuntu".
So I guess the problem is really in /etc/hosts?
If so, how should I change it such that both Kerberos and LDAP could
resolve it?

Many thanks in advance.

On Mon, Nov 7, 2011 at 11:34 PM, Greg Hudson <ghudson at mit.edu> wrote:

> On 11/07/2011 09:50 AM, Ethan Koh wrote:
> >   kdb5_ldap_util: Hostname cannot be canonicalized krb5_sname_to_principal,
> > while adding entries to the database
>
> kdb5_ldap_util needs to create a kadmin/hostname principal for your
> realm.  To do that, it wants to know the canonical name of your host.
> This is determined by:
>
> 1. Calling gethostname() (same output as the "hostname" command)
> 2. Forward-resolving the hostname with getaddrinfo() to get the
> canonical name.  If this step fails, an error like the one you saw is
> thrown.
> 3. Reverse-resolving the IP address from #2 with getnameinfo(), unless
> "rdns = false" is set in [libdefaults] in krb5.conf.  If this step
> fails, the result of step 2 is used unmodified, so it's probably not
> your issue.
>
> > ----------------------
> > /etc/hosts
> > ----------------------
> > 127.0.0.1 kerberos.example.com kerberos
> > 127.0.0.1 ldap.example.com ldap
> > 192.168.0.101    ubuntu
>
> What does the "hostname" command output?
>
>


