[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Cannot contact any KDC for requested realm




My first thought was also a  dns issue, is the kadmind process running? 
The only way I can duplicate this error on my end is to kill my kadmind 
process which gives me a similar error.

-Donald


Markus Moeller wrote:
> I think your problem is a missing config line under domain_realm. kadmin 
> will try to get a principal for suse.idc.oracle.com, but you don't define to 
> which realm oracle.com belongs
>
> Add .oracle.com = SUSE.DE to
>
> [domain_realm]
>         .suse.de = SUSE.DE
>
>
> Regards
> Markus
>
>
> "shashi" <shashi.boddula@oracle.com> wrote in message 
> 457E6326.2000701@oracle.com">news:457E6326.2000701@oracle.com...
>   
>> Hi All
>>
>> I am new to heimdal kerberos, i am facing problem with heimdal 
>> 0.6.1rc3-55.24, and i am not able to
>> track where i have done mistake.
>>
>> My database is here
>> --------------------
>>
>> SuSE:/var/heimdal # ls
>> .  ..  heimdal.db  kadmind.acl  log  m-key
>> SuSE:/var/heimdal #
>>
>> My kdc.conf
>> -------------
>>
>> [libdefaults]
>>                                                                # 
>> default_realm = MY.REALM
>>        clockskew = 300
>>        default_realm = SUSE.DE
>>
>> [realms]
>> SUSE.DE = {
>>        kdc = suse.idc.oracle.com
>>        default_domain = suse.de
>>        kpasswd_server = suse.idc.oracle.com
>> }
>> [domain_realm]
>>        .suse.de = SUSE.DE
>> #       .my.domain = MY.REALM
>>
>> [logging]
>>        default = SYSLOG:NOTICE:DAEMON
>>        kdc = FILE:/var/log/kdc.log
>>        kadmind = FILE:/var/log/kadmind.log
>>
>> [appdefaults]
>> pam = {
>>        ticket_lifetime = 1d
>>        renew_lifetime = 1d
>>        forwardable = true
>>        proxiable = false
>>        retain_after_close = false
>>        minimum_uid = 0
>>        debug = false
>> }
>> SuSE:~ #
>>
>>
>> My principles
>> -------------
>> SuSE:~ # kadmin -l
>> kadmin> list *
>>  default@SUSE.DE
>>  root/admin@SUSE.DE ----------------> This is what i added as my 
>> administrator principle
>>  kadmin/admin@SUSE.DE
>>  kadmin/hprop@SUSE.DE
>>  krbtgt/SUSE.DE@SUSE.DE
>>  kadmin/changepw@SUSE.DE
>>  changepw/kerberos@SUSE.DE
>> kadmin>
>>
>>
>> My ACL
>> ------
>>
>> SuSE:/var/heimdal # cat kadmind.acl
>> root/admin      all     *
>> SuSE:/var/heimdal #
>>
>>
>> Got a ticket
>> -------------
>>
>> SuSE:~ # kinit root/admin
>> root/admin@SUSE.DE's Password:
>> kinit: NOTICE: ticket renewable lifetime is 1 week
>> SuSE:~ # klist -a
>> Credentials cache: FILE:/tmp/krb5cc_0
>>        Principal: root/admin@SUSE.DE
>>    Cache version: 4
>>
>> Server: krbtgt/SUSE.DE@SUSE.DE
>> Ticket etype: des3-cbc-sha1, kvno 1
>> Auth time:  Dec 12 13:31:57 2006
>> End time:   Dec 12 23:31:57 2006
>> Renew till: Dec 19 13:31:57 2006
>> Ticket flags: renewable, initial
>> Addresses: IPv4:152.69.168.146
>>
>> SuSE:~ #
>>
>>
>>
>> My problem
>> -----------
>> SuSE:~ # kadmin
>> kadmin: kadm5_init_with_password: Cannot contact any KDC for requested 
>> realm
>> SuSE:~ #
>>
>>
>>
>> Please , anyone one can tell where i have done mistake , what is the 
>> problem here ? . I am try to
>> solve this problem from the past two days , but no help from google.
>>
>> Another problem is, log files keep on complaining about 
>> "/var/heimdal/kdc.conf:0: cannot open file"
>> , what is the value of this file ? what i need to define in this file ?
>>
>>
>> Thanks & Regards,
>> Shashi Kanth
>>
>>
>>
>>
>>     
>
>
>
>
>
>
>