MIT Kerberos: Cannot resolve network address for KDC in realm
Rob
I've been having a hard time getting MIT Kerberos up and running on
solaris 10.
The latest of my problems is this error when i run kinit from the KDC.
dsldap01$ /krb5/bin/kinit rob/ad...@alezeo.com
kinit(v5): Cannot resolve network address for KDC in realm alezeo.com
while getting initial credentials
This sounds like a DNS problem, but I don't think it is.
dsldap01$ host -t A dsldap01.alezeo.com
dsldap01.alezeo.com has address 10.93.120.72
Also in my hosts file:
127.0.0.1 localhost
10.93.120.72 dsldap01.alezeo.com dsldap01 loghost
Here is my krb5.conf
=============
[libdefaults]
dns_lookup_realm = false
default_realm = ALEZEO.COM
ticket_lifetime = 600
kdc_req_checksum_type = 2
checksum_type = 2
ccache_type = 1
default_tkt_enctypes = des-cbc-crc
default_tgs_enctypes = des-cbc-crc
[kdc]
profile = /krb5/var/krb5kdc/kdc.conf
[logging]
default = FILE:/var/krb5/kdc.log
kdc = FILE:/var/krb5/kdc.log
admin_server = FILE:/var/krb5/adm.log
[realms]
ALEZEO.COM = {
kdc = dsldap01.alezeo.com:88
admin_server = dsldap01.alezeo.com:749
default_domain = alezeo.com
}
[domain_realm]
.alezeo.com = ALEZEO.COM
alezeo.com = ALEZEO.COM
[login]
krb4_convert = 0
Here is my kdc.conf
============
[kdcdefaults]
kdc_ports = 88
[realms]
alezeo.com = {
profile = /etc/krb5.conf
database_name = /krb5/var/krb5kdc/principal
admin_database_name = /krb5/var/krb5kdc/kadm5_adb
admin_database_lockfile = /krb5/var/krb5kdc/
kadm5_adb.lock
admin_keytab = FILE:/krb5/var/krb5kdc/kadm5.keytab
acl_file = /krb5/var/krb5kdc/kadm5.acl
kdc_ports = 88
kadmind_port = 749
max_life = 10h 0m 0s
max_renewable_life = 7d 0h 0m 0s
master_key_type = des-cbc-crc
supported_enctypes = des-cbc-crc:normal des:v4
}
Any suggestions are appreciated!
TIA!
miguel....@arcelormittal.com
Realm names are always upper case!
Met vriendelijke groet
Best regards
Bien � vous
Miguel SANDERS
ArcelorMittal Gent
UNIX Systems & Storage
IT Supply Western Europe | John Kennedylaan 51
B-9042 Gent
T +32 9 347 3538 | F +32 9 347 4901 | M +32478 805 023
E miguel....@arcelormittal.com
www.arcelormittal.com/gent
-----Oorspronkelijk bericht-----
Van: kerberos...@mit.edu [mailto:kerberos...@mit.edu] Namens Rob
Verzonden: donderdag 30 april 2009 15:03
Aan: kerb...@mit.edu
Onderwerp: MIT Kerberos: Cannot resolve network address for KDC in realm
Hi:
[kdc]
profile = /krb5/var/krb5kdc/kdc.conf
[login]
krb4_convert = 0
Any suggestions are appreciated!
TIA!
________________________________________________
Kerberos mailing list Kerb...@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
****
This message and any attachment are confidential, intended solely for the use of the individual or entity to whom it is addressed and may be protected by professional secrecy or intellectual property rights.
If you have received it by mistake, or are not the named recipient(s), please immediately notify the sender and delete the message. You are hereby notified that any unauthorized use, copying or dissemination of any or all information contained in this message is prohibited.
Arcelormittal shall not be liable for the message if altered, falsified, or in case of error in the recipient.
This message does not constitute any right or commitment for ArcelorMittal except when expressly agreed otherwise in writing in a separate agreement.
****
Rob
> alezeo.com should be upper case.
> Realm names are always upper case!
>
Thanks, that was it!