Kerberos kadmin error - Linux

This is a discussion on Kerberos kadmin error - Linux ; Hi Friends, I am new in this forum. I wish you peoples will help me in kerberos error. I am getting particular error message while doing this # /usr/kerberos/sbin/kadmin Authenticating as principal root/admin@SERVER.ANAND.COM with password. kadmin: Cannot contact any KDC ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Kerberos kadmin error

  1. Smile Kerberos kadmin error

    Hi Friends,

    I am new in this forum. I wish you peoples will help me in kerberos error.
    I am getting particular error message while doing this
    # /usr/kerberos/sbin/kadmin
    Authenticating as principal root/admin@SERVER.ANAND.COM with password.
    kadmin: Cannot contact any KDC for requested realm while initializing kadmin interface.

    My /etc/hosts :-
    192.168.100.59 server.anand.com
    127.0.0.1 localhost.localdomain localhost server.anand.com

    My /etc/krb5.conf

    [kdcdefaults]
    kdc_ports = 88
    dict_file = /usr/share/dict/words

    [logging]
    default = FILE:/var/log/krb5libs.log
    kdc = FILE:/var/log/krb5kdc.log
    admin_server = FILE:/var/log/kadmind.log

    [libdefaults]
    ticket_lifetime = 24000
    #ticket_lifetime = 24h
    default_realm = SERVER.ANAND.COM
    dns_lookup_realm = false
    dns_lookup_kdc = false
    ccache_type = 1
    forwardable = yes
    proxiable = true

    [realms]
    SERVER.ANAND.COM = {
    kdc = kdc.server.anand.com:88
    admin_server = kdc.server.anand.com:749
    default_domain = server.anand.com
    dict_file = /usr/share/dict/words
    database_name = /var/kerberos/krb5kdc/principal
    #admin_keytab = /etc/krb5.keytab
    admin_keytab = /usr/local/var/krb5kdc/kadm5.keytab
    }

    [domain_realm]
    .server.anand.com = SERVER.ANAND.COM
    server.anand.com = SERVER.ANAND.COM

    [kdc]
    profile = /etc/krb5.conf

    [appdefaults]
    pam = {
    debug = true
    ticket_lifetime = 36000
    renew_lifetime = 36000
    forwardable = true
    krb4_convert = false
    }

    rpm I installed

    # rpm -qa | grep krb
    krb5-auth-dialog-0.7-1
    pam_krb5-2.2.14-10
    krb5-devel-1.6.1-31.el5
    krb5-server-1.6.1-31.el5
    krb5-workstation-1.6.1-31.el5
    krb5-libs-1.6.1-31.el5
    ================================================== ======================

    Here I am not using any windows system. In my office I am using all Linux (RHEL/CentOS/Ubuntu).
    Please help me in above mention error.

    Thanks and regards,

    Anand.

  2. Re: Kerberos kadmin error

    Unfortunately, I don't have access to the a working Kerberos environment
    where I first came across the error, so going from memory - try
    specifying everything, eg;

    kadmin -p jyho/ad...@INTRA.FOOBAR.COM -s foo.intra.foobar.com \
    -r INTRA.FOOBAR.COM

    Hm, actually, looking at the previous example, you may just need to add
    the @INTRA.FOOBAR.COM to the -p argument.

    For the second question, it's entirely possibly to generate keys for one
    machine on another and then copy them (using a secure method!) via
    something like scp to another machine. The trick is simply to use the -k
    argument in kadmin, like so;

    ktadd -k /home/jyho/bar.keytab host/bar.intra.foobar.com

    These days, I've got a very simple Kerberos setup, so I can't really
    shed much light I'm afraid...
    Defeat is not bitter unless you swallow it.

+ Reply to Thread