[18986] in Kerberos
mit kerberosv5 1.2.7 - kadmin wont connect - please help
daemon@ATHENA.MIT.EDU (Yan)
Mon Mar 31 02:01:12 2003
From: "Yan" <ymercier@mxtest.homedns.org>
Message-ID: <MSOha.15288$r03.247661@wagner.videotron.net>
Date: Sun, 30 Mar 2003 22:55:25 -0500
To: kerberos@MIT.EDU
Errors-To: kerberos-bounces@mit.edu
Hi group,
I compiled it from source on Solaris8.
I followed the installation guide, created an admin
principal, an ACL, filled krb5.conf and kdc.conf.
The installation as /opt/k5 for --prefix so I created
/opt/k5/etc and /opt/k5/var manually to put my config
files.
When starting krb5kdc this port appears :
--------------------------------------------------------
UDP: IPv4
192.168.0.8.88 Idle
--------------------------------------------------------
and the ports for kadmind :
--------------------------------------------------------
UDP: IPv4
*.464 Idle
TCP: IPv4
*.749 *.* 0 0 24576 0 LISTEN
--------------------------------------------------------
So I assume my servers are up and running, the procs
are in ps -ef output as well.
kadmin.local works here is the getprincs output:
--------------------------------------------------------
kadmin.local: getprincs
K/M@NEOTOKYO.COM
kadmin/admin@NEOTOKYO.COM
kadmin/changepw@NEOTOKYO.COM
kadmin/history@NEOTOKYO.COM
krbtgt/NEOTOKYO.COM@NEOTOKYO.COM
yan/admin@NEOTOKYO.COM
--------------------------------------------------------
I found while googling that someone has had this problem
before, and he was told to make sure that its host file was
configured to have the FQDN of the machine appearing first
in the host file for that IP. It didnt solved my problem.
Heres the problem :
--------------------------------------------------------
sun2# kadmin -p yan/admin@NEOTOKYO.COM
Authenticating as principal yan/admin@NEOTOKYO.COM with password.
kadmin: Cannot contact any KDC for requested realm while initializing kadmin
interface
--------------------------------------------------------
Here is my krb5.conf file :
--------------------------------------------------------
[libdefaults]
ticket_lifetime = 600
default_realm = NEOTOKYO.COM
default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc
default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc
[realms]
NEOTOKYO.COM = {
kdc = SUN2.NEOTOKYO.COM
admin_server = SUN2.NEOTOKYO.COM
default_domain = NEOTOKYO.COM
}
[domain_realm]
.neotokyo.com = NEOTOKYO.COM
neotokyo.com = NEOTOKYO.COM
[logging]
kdc = FILE:/opt/k5/var/krb5kdc/kdc.log
admin_server = FILE:/opt/k5/var/krb5kdc/kadmin.log
--------------------------------------------------------
Neither kdc.log nor kadmind.log are showing anything
special, not even the connection requests.
You can reach me at ymercier@mxtest.homedns.org if you wish
to help
Yannick
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
