Cannot contact any KDC for realm
Brandon Allbery
ballbery at sinenomine.net
Fri Oct 24 12:53:24 EDT 2014
On Fri, 2014-10-24 at 13:29 +0200, Lars Hanke wrote:
> During boot of my system (Debian Wheezy) k5start is invoked to supply a
> ticket for accessing the AD DC by nslcd. However, during boot it fails:
>
> k5start: error getting credentials: Cannot contact any KDC for realm
> 'MY.AD.REALM'
>
> If I restart k5start using the very same init script once the system is
> up and running everything works nicely.
>
> On another system I neither have any issues using a similar boot stack.
>
> What exactly does this message want to tell me, i.e. where do I start
> troubleshooting?
First thing I'd check is whether the network is actually up when it
runs. This means more than just the proper network interfaces on the
machine being up; for example, certain network and switch configurations
can lead to the switch port not passing packets until spanning tree has
completed.
--
brandon s allbery kf8nh sine nomine associates
allbery.b at gmail.com ballbery at sinenomine.net
unix openafs kerberos infrastructure xmonad http://sinenomine.net
More information about the Kerberos
mailing list