[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Addendum: KDC not found even after connection was made

Well, just learned how to avoid compiling with OpenSSL libraries external
to heimdal sourcetree. So the ssl librarz version is not the case (I still
have the same problem).


  David Komanek

> Hi all,
> I ha the following problem:
> heimdal utilities as kinit, kadmin, ktutil etc. are working well when
> invoked on the same machine as kdc and kadmind run. I have copied the
> m-key and krb5.config files to the future slave server. Now I should,
> according to documentation, issue "ktutil get" command to create keytab
> file with appropriate host entry on the slave. But it complains
> ktutil: kadm5_create_principal(host/tao.natur.cuni.cz): unable to reach
> any KDC in realm MYREALM.CZ
> But in contrast to this, on the master I have in logfile:
> 2003-10-13T13:46:18 connection from IPv4:a.b.c.d
> where a.b.c.d is the IP of the machine claiming it is unable to find KDC.
> No more messages in logs.
> My relevant krb5.config settings:
> [logging]
> default = FILE:/var/heimdal/krb5libs.log
> kdc = FILE:/var/heimdal/krb5kdc.log
> admin_server = FILE:/var/heimdal/kadmind.log
> [ktutil]
>         dns_lookup_realm = false
>         dns_lookup_kdc = false
>         kdc = e.f.g.h
> I do not use dns_lookup because I still concurently use krb4 and want not
> to risk problems emerging from mixed krb4 and heimdal communication.
> Do you have some ideas, what is wrong ? Could be the problem different
> architecture (littleendian/bigendian) of both machines ? Or the ssl
> version used (master - internal functions of heimdal, slave - openssl
> 0.9.7c) ?
> Thanks in advance,
>   David Komanek