Content-Type: text/plain Content-Disposition: inline Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.411 (Entity 5.404) X-RT-Original-Encoding: iso-8859-1 Content-Length: 4054 From ealovecraft@hotmail.com Tue Apr 23 00:32:47 2002 Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.7.21.83]) by rt-11.mit.edu (8.9.3/8.9.3) with ESMTP id AAA26009 for ; Tue, 23 Apr 2002 00:32:46 -0400 (EDT) Received: from hotmail.com (f173.law7.hotmail.com [216.33.237.173]) by pacific-carrier-annex.mit.edu (8.9.2/8.9.2) with ESMTP id AAA27580 for ; Tue, 23 Apr 2002 00:32:45 -0400 (EDT) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Mon, 22 Apr 2002 21:32:45 -0700 Received: from 24.166.144.217 by lw7fd.law7.hotmail.msn.com with HTTP; Tue, 23 Apr 2002 04:32:44 GMT Message-Id: Date: Tue, 23 Apr 2002 04:32:44 +0000 From: "Edgar Lovecraft" To: krb5-bugs@MIT.EDU Subject: Cannot find KDC problems >Number: 1094 >Category: pending >Synopsis: Cannot find KDC problems >Confidential: yes >Severity: serious >Priority: medium >Responsible: gnats-admin >State: open >Class: sw-bug >Submitter-Id: unknown >Arrival-Date: Tue Apr 23 00:33:00 EDT 2002 >Last-Modified: >Originator: >Organization: >Release: >Environment: >Description: >How-To-Repeat: >Fix: >Audit-Trail: >Unformatted:

I ran across this listing when I was having some troubles getting kadmin and kinit to find the KDC for my realm in a new KerberosV install on RedHat 7.2 on an isolated network.  What I eventually traced it down to was this.  The defined host name for the local machine was kerberos.foobar.com (/etc/sysconfig/network HOSTNAME=kerberos.foobar.com), same for the /etchosts file (127.0.0.1 kerberos.foobar.com kerberos), of course this is also what dns was pointing to krbmaster A 192.168.0.1, kerberos CNAME krbmaster, _kerberos._upd SRV 0 0 88 krbmaster, etc.)  Once I changed the host name on the local machine from kerberos to krbmaster (in /etc/sysconfig/network and /etc/hosts), everything worked just fine.  Just thought that I would let you know as I could not find anything on this out there on the web, this was the closest find I had.  Mabey I missed something in the DOCS, but I do not remember reading anything this ! potential conflict.

Cannot find KDC

daemon@ATHENA.MIT.EDU (Nov-William H Rahe)
Wed Jul 31 10:23:41 1991

Date: Wed, 31 Jul 91 07:59:40 MDT From: whrahe@somnet.sandia.gov (Nov-William H Rahe) To: krb5-bugs@MIT.EDU I have successfully? built V5 on a Sun 4/110. I created the database (/krb5/principal.xxx). Used kdb5_stash to preserve the key. Created two principals whrahe using kdb5_edit av4k facility and whrahev5 using kdb5_edit ank facility. Started krb5kdc in background (not in inetd) Using old V4 kinit I obtain tickets for whrahe. Using V5 kinit with whrahev5, I get: kinit: Cannot find KDC for requested realm while getting initial credentials. What piece of the puzzle am I missing? . You should make sure that you have created krb.conf and krb.realms files in /krb5. If that didn't fix the problem, you may have discovered a more deep-seated problem with Kerberos V5 on Suns. I've gotten a similar report from someone else who said that his krb.conf and krb.realms were correctly set up but who still had problems. I don't know what explicitly causing the problem or a fix yet, however. If you can find more information, I would appreciate it if you could send it to krb5-bugs@MIT.EDU. - Ted -------------------------------------------------------------------------- I also have correct krb.conf and krb.realms. I will begin to see if I can isolate what realm krb5_locate_kdc is passing to sendto_kdc.


Send and receive Hotmail on your mobile device: Click Here