[36570] in Kerberos
Re: Cannot contact any KDC for realm
daemon@ATHENA.MIT.EDU (Benjamin Kaduk)
Fri Oct 24 13:16:29 2014
Date: Fri, 24 Oct 2014 12:47:35 -0400 (EDT)
From: Benjamin Kaduk <kaduk@mit.edu>
To: Lars Hanke <debian@lhanke.de>
In-Reply-To: <544A3819.6010101@lhanke.de>
Message-ID: <alpine.GSO.1.10.1410241246200.27826@multics.mit.edu>
MIME-Version: 1.0
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On Fri, 24 Oct 2014, Lars Hanke wrote:
> During boot of my system (Debian Wheezy) k5start is invoked to supply a
> ticket for accessing the AD DC by nslcd. However, during boot it fails:
Do you have kdc entries explicitly listed in the appropriate [realms]
section in your krb5.conf, or do you rely on DNS SRV records?
The most obvious cause would be that either the network is not available
at all, or DNS resolution is not available, at that point in the boot
order. The init script invoking k5start would need to be modified to
depend on those services appropriately.
-Ben
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
