[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Cannot contact any KDC for requested realm

To: heimdal-discuss@sics.se
Subject: Re: Cannot contact any KDC for requested realm
From: "Markus Moeller" <huaraz@moeller.plus.com>
Date: Tue, 12 Dec 2006 23:02:31 -0000
References: <457E6326.2000701@oracle.com>
Sender: owner-heimdal-discuss@sics.se

I think your problem is a missing config line under domain_realm. kadmin 
will try to get a principal for suse.idc.oracle.com, but you don't define to 
which realm oracle.com belongs

Add .oracle.com = SUSE.DE to

[domain_realm]
        .suse.de = SUSE.DE


Regards
Markus


"shashi" <shashi.boddula@oracle.com> wrote in message 
457E6326.2000701@oracle.com">news:457E6326.2000701@oracle.com...
> Hi All
>
> I am new to heimdal kerberos, i am facing problem with heimdal 
> 0.6.1rc3-55.24, and i am not able to
> track where i have done mistake.
>
> My database is here
> --------------------
>
> SuSE:/var/heimdal # ls
> .  ..  heimdal.db  kadmind.acl  log  m-key
> SuSE:/var/heimdal #
>
> My kdc.conf
> -------------
>
> [libdefaults]
>                                                                # 
> default_realm = MY.REALM
>        clockskew = 300
>        default_realm = SUSE.DE
>
> [realms]
> SUSE.DE = {
>        kdc = suse.idc.oracle.com
>        default_domain = suse.de
>        kpasswd_server = suse.idc.oracle.com
> }
> [domain_realm]
>        .suse.de = SUSE.DE
> #       .my.domain = MY.REALM
>
> [logging]
>        default = SYSLOG:NOTICE:DAEMON
>        kdc = FILE:/var/log/kdc.log
>        kadmind = FILE:/var/log/kadmind.log
>
> [appdefaults]
> pam = {
>        ticket_lifetime = 1d
>        renew_lifetime = 1d
>        forwardable = true
>        proxiable = false
>        retain_after_close = false
>        minimum_uid = 0
>        debug = false
> }
> SuSE:~ #
>
>
> My principles
> -------------
> SuSE:~ # kadmin -l
> kadmin> list *
>  default@SUSE.DE
>  root/admin@SUSE.DE ----------------> This is what i added as my 
> administrator principle
>  kadmin/admin@SUSE.DE
>  kadmin/hprop@SUSE.DE
>  krbtgt/SUSE.DE@SUSE.DE
>  kadmin/changepw@SUSE.DE
>  changepw/kerberos@SUSE.DE
> kadmin>
>
>
> My ACL
> ------
>
> SuSE:/var/heimdal # cat kadmind.acl
> root/admin      all     *
> SuSE:/var/heimdal #
>
>
> Got a ticket
> -------------
>
> SuSE:~ # kinit root/admin
> root/admin@SUSE.DE's Password:
> kinit: NOTICE: ticket renewable lifetime is 1 week
> SuSE:~ # klist -a
> Credentials cache: FILE:/tmp/krb5cc_0
>        Principal: root/admin@SUSE.DE
>    Cache version: 4
>
> Server: krbtgt/SUSE.DE@SUSE.DE
> Ticket etype: des3-cbc-sha1, kvno 1
> Auth time:  Dec 12 13:31:57 2006
> End time:   Dec 12 23:31:57 2006
> Renew till: Dec 19 13:31:57 2006
> Ticket flags: renewable, initial
> Addresses: IPv4:152.69.168.146
>
> SuSE:~ #
>
>
>
> My problem
> -----------
> SuSE:~ # kadmin
> kadmin: kadm5_init_with_password: Cannot contact any KDC for requested 
> realm
> SuSE:~ #
>
>
>
> Please , anyone one can tell where i have done mistake , what is the 
> problem here ? . I am try to
> solve this problem from the past two days , but no help from google.
>
> Another problem is, log files keep on complaining about 
> "/var/heimdal/kdc.conf:0: cannot open file"
> , what is the value of this file ? what i need to define in this file ?
>
>
> Thanks & Regards,
> Shashi Kanth
>
>
>
>

Follow-Ups:
- Re: Cannot contact any KDC for requested realm
  - From: shashi <shashi.boddula@oracle.com>
- Re: Cannot contact any KDC for requested realm
  - From: Donald Norwood <dnorwood@portalias.net>

References:
- Cannot contact any KDC for requested realm
  - From: shashi <shashi.boddula@oracle.com>

Prev by Date: Re: Cannot contact any KDC for requested realm

Next by Date: クリスマスまで

に間に合います！即日、登録時に３万円

お振込み致します。（オリオンメールマ

ガジン）

Prev by thread: Re: Cannot contact any KDC for requested realm
Next by thread: Re: Cannot contact any KDC for requested realm
Index(es):
- Date
- Thread