[29211] in Kerberos
Re: Help : Can not contact KDC
daemon@ATHENA.MIT.EDU (Kevin S. Sumner)
Sat Feb 9 13:03:43 2008
Date: Sat, 9 Feb 2008 13:02:51 -0500 (EST)
From: "Kevin S. Sumner" <ksumner@physics.unc.edu>
To: Abhishek Rahirikar <me_rahirikar@yahoo.co.in>
In-Reply-To: <53303.66136.qm@web94603.mail.in2.yahoo.com>
Message-ID: <Pine.LNX.4.64.0802091256470.10188@neptune.physics.unc.edu>
MIME-Version: 1.0
Content-Disposition: inline
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Some diagnostics I can think of at the moment:
- Check to see if kadmin is in the process list on your KDC and that it
has its port open to the outside world.
- Check to see if the client has the correct entry for admin_server in
krb5.conf.
- Check firewall rules on the client and the server. If I remember
correctly, kadmind runs on port 749/tcp.
nmap, netstat, and lsof will be a lot of help. You can get most of
these from a popular Linux distribution, compile them from source on most
Unices. There's also a netstat implementation in Windows and a native
compile of nmap for Windows too.
strace, ktrace/kdump, etc. would be my last line.
Hope this helps!
Kevin
-----
Kevin Sumner
ksumner@physics.unc.edu
(919) 962-6494
Assistant Systems Administrator
Physics and Astronomy Networking Infrastructure and Computing
University of North Carolina at Chapel Hill
On Sat, 9 Feb 2008, Abhishek Rahirikar wrote:
>
> Hi, there,
> I set up a MIT Kerberos 5 master kdc on a pc in a private domain. I
> have
> /etc/hosts mapping hostname of the pc to its ip address and
> /etc/krb5.conf< correctly set.
> The problem is that, I can do kadmin.local but I just couldn't do
> kadmin. It always complains:
> kadmin: Cannot contact any KDC for requested realm while initializing
> kadmi interface
> kinit with no parameters reports the similar error:
> kinit(v5): Cannot contact any KDC for requested realm while getting
> initial credentials
> I have also tried putting direct IP of the kdc in krb5.c But error is the same.
> Please help me. I am new to kerbero Thank you.
> Abhishek
>
>
>
>
>
>
> _________________________________________________________________
>
> Why delete messages? Unlimited storage is [1]just a click away.
>
> References
>
> 1. ="http://in.rd.yahoo.com/tagline_mail_1/*http://help.yahoo.com/l/in/yahoo
> ________________________________________________
> Kerberos mailing list Kerberos@mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
>
> --
>
>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
