[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Cannot contact any KDC for requested realm



SuSE:~ # ps -ef | grep -i heimdal
root      8758     1  0 13:12 pts/0    00:00:00 /usr/lib/heimdal/sbin/kdc
root      8760     1  0 13:12 pts/0    00:00:00 /usr/lib/heimdal/sbin/kadmind
root      8762     1  0 13:12 pts/0    00:00:00 /usr/lib/heimdal/sbin/kpasswdd
root     16491  8510  0 23:05 pts/0    00:00:00 grep -i heimdal
SuSE:~ #


Donald Norwood wrote:
> 
> My first thought was also a  dns issue, is the kadmind process running?
> The only way I can duplicate this error on my end is to kill my kadmind
> process which gives me a similar error.
> 
> -Donald
> 
> 
> Markus Moeller wrote:
>> I think your problem is a missing config line under domain_realm.
>> kadmin will try to get a principal for suse.idc.oracle.com, but you
>> don't define to which realm oracle.com belongs
>>
>> Add .oracle.com = SUSE.DE to
>>
>> [domain_realm]
>>         .suse.de = SUSE.DE
>>
>>
>> Regards
>> Markus
>>
>>
>> "shashi" <shashi.boddula@oracle.com> wrote in message
>> 457E6326.2000701@oracle.com">news:457E6326.2000701@oracle.com...
>>  
>>> Hi All
>>>
>>> I am new to heimdal kerberos, i am facing problem with heimdal
>>> 0.6.1rc3-55.24, and i am not able to
>>> track where i have done mistake.
>>>
>>> My database is here
>>> --------------------
>>>
>>> SuSE:/var/heimdal # ls
>>> .  ..  heimdal.db  kadmind.acl  log  m-key
>>> SuSE:/var/heimdal #
>>>
>>> My kdc.conf
>>> -------------
>>>
>>> [libdefaults]
>>>                                                                #
>>> default_realm = MY.REALM
>>>        clockskew = 300
>>>        default_realm = SUSE.DE
>>>
>>> [realms]
>>> SUSE.DE = {
>>>        kdc = suse.idc.oracle.com
>>>        default_domain = suse.de
>>>        kpasswd_server = suse.idc.oracle.com
>>> }
>>> [domain_realm]
>>>        .suse.de = SUSE.DE
>>> #       .my.domain = MY.REALM
>>>
>>> [logging]
>>>        default = SYSLOG:NOTICE:DAEMON
>>>        kdc = FILE:/var/log/kdc.log
>>>        kadmind = FILE:/var/log/kadmind.log
>>>
>>> [appdefaults]
>>> pam = {
>>>        ticket_lifetime = 1d
>>>        renew_lifetime = 1d
>>>        forwardable = true
>>>        proxiable = false
>>>        retain_after_close = false
>>>        minimum_uid = 0
>>>        debug = false
>>> }
>>> SuSE:~ #
>>>
>>>
>>> My principles
>>> -------------
>>> SuSE:~ # kadmin -l
>>> kadmin> list *
>>>  default@SUSE.DE
>>>  root/admin@SUSE.DE ----------------> This is what i added as my
>>> administrator principle
>>>  kadmin/admin@SUSE.DE
>>>  kadmin/hprop@SUSE.DE
>>>  krbtgt/SUSE.DE@SUSE.DE
>>>  kadmin/changepw@SUSE.DE
>>>  changepw/kerberos@SUSE.DE
>>> kadmin>
>>>
>>>
>>> My ACL
>>> ------
>>>
>>> SuSE:/var/heimdal # cat kadmind.acl
>>> root/admin      all     *
>>> SuSE:/var/heimdal #
>>>
>>>
>>> Got a ticket
>>> -------------
>>>
>>> SuSE:~ # kinit root/admin
>>> root/admin@SUSE.DE's Password:
>>> kinit: NOTICE: ticket renewable lifetime is 1 week
>>> SuSE:~ # klist -a
>>> Credentials cache: FILE:/tmp/krb5cc_0
>>>        Principal: root/admin@SUSE.DE
>>>    Cache version: 4
>>>
>>> Server: krbtgt/SUSE.DE@SUSE.DE
>>> Ticket etype: des3-cbc-sha1, kvno 1
>>> Auth time:  Dec 12 13:31:57 2006
>>> End time:   Dec 12 23:31:57 2006
>>> Renew till: Dec 19 13:31:57 2006
>>> Ticket flags: renewable, initial
>>> Addresses: IPv4:152.69.168.146
>>>
>>> SuSE:~ #
>>>
>>>
>>>
>>> My problem
>>> -----------
>>> SuSE:~ # kadmin
>>> kadmin: kadm5_init_with_password: Cannot contact any KDC for
>>> requested realm
>>> SuSE:~ #
>>>
>>>
>>>
>>> Please , anyone one can tell where i have done mistake , what is the
>>> problem here ? . I am try to
>>> solve this problem from the past two days , but no help from google.
>>>
>>> Another problem is, log files keep on complaining about
>>> "/var/heimdal/kdc.conf:0: cannot open file"
>>> , what is the value of this file ? what i need to define in this file ?
>>>
>>>
>>> Thanks & Regards,
>>> Shashi Kanth
>>>
>>>
>>>
>>>
>>>     
>>
>>
>>
>>
>>
>>
>>   
>