[31354] in Kerberos
RE: Problem in get ticket from Kerberos
daemon@ATHENA.MIT.EDU (ravi channavajhala)
Tue Aug 11 06:18:11 2009
Message-ID: <4a814549.1f538c0a.3340.ffffdd89@mx.google.com>
From: "ravi channavajhala" <ravi.channavajhala@dciera.com>
To: "'Bruno Steven'" <aspenbr@gmail.com>, <kerberos@mit.edu>
Date: Tue, 11 Aug 2009 15:47:41 +0530
MIME-Version: 1.0
In-Reply-To: <c6bf33680908110232t705131a6ue85d0d0b225f37@mail.gmail.com>
Reply-To: ravi.channavajhala@dciera.com
Content-Type: text/plain; charset="iso-8859-1"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
/etc/resolv.conf and /etc/host.conf might have clues about this.
-----Original Message-----
From: kerberos-bounces@mit.edu [mailto:kerberos-bounces@mit.edu] On Behalf
Of Bruno Steven
Sent: Tuesday, August 11, 2009 3:02 PM
To: kerberos@mit.edu
Subject: Problem in get ticket from Kerberos
Hello
I have problem for get tickets from kerberos in my Centos 5.2, when I type
this command /usr/local/kerberos/bin/kinit admin@LABCOM.UNASP
Show this message
kinit(v5): Cannot resolve network address for KDC in realm LABCOM.UNASP
while getting initial credentials
I donīt understand why this message !!! My DNS is work , I can resolve the
domain (LABCOM.UNASP)
nslookup labcom.unasp
Server: 192.168.4.66
Address: 192.168.4.66#53
Name: labcom.unasp
Address: 192.168.4.2
My DNS server is on Windows 2003 Server , this command kinit was tested from
the server Linux with Centos 5.2 using version keberos 1.6 of MIT , follow I
paste kr5b.conf
[libdefaults]
# determines your default realm name
default_realm = LABCOM.UNASP
default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
permitted_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
[realms]
LABCOM.UNASP = {
# specifies where the servers are and on
# which ports they listen (88 and 749 are
# the standard ports)
kdc = kdc.AmbLivre:88
admin_server = kdc.AmbLivre:749
default_domain = labcom.unasp
}
[domain_realm]
# maps your DNS domain name to your Kerberos
# realm name
.labcom.unasp = LABCOM.UNASP
labcom. = LABCOM.UNASP
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[logging]
# determines where each service should write its
# logging info
kdc = SYSLOG:INFO:DAEMON
admin_server = SYSLOG:INFO:DAEMON
default = SYSLOG:INFO:DAEMON
and kdc.conf
[kdcdefaults]
v4_mode = nopreauth
kdc_tcp_ports = 750,88
[realms]
LABCOM.UNASP = {
database_name = /var/kerberos/krb5kdc/principal
key_stash_file = /var/kerberos/krb5kdc/.k5.LABCOM.UNASP
master_key_type = des3-hmac-sha1
acl_file = /var/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
supported_enctypes = des3-hmac-sha1:normal arcfour-hmac:normal
des-hmac-sha1:normal des-cbc-md5:normal des-cbc-crc:normal des-cbc-crc:v4
des-cbc-crc:a
fs3
kdc_ports = 750,88
max_file = 10h 0m 0s
max_renewable_life = 7d 0h 0m 0s
}
I try resolv but I canīt resolve this problem , somebody can helpme get
ticket from keberos !!!
Thanks
--
Bruno Steven - Administrador de sistemas.
LPIC-1 - LPI ID: lpi000119659 / Code: p2e4wz47e4
https://www.lpi.org/caf/Xamman/certification
MCP-Windows 2003 - TranscriptID: 793804 / Access Code: 080089100
https://mcp.microsoft.com/authenticate/validatemcp.aspx
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
