Dnia 2009-11-25, śro o godzinie 15:50 +0100, Tomasz Z. Napierala pisze: > Hi, > > I'm getting problems installing clients with default ipa-client-install > values. Relam and domain are both discovered successfully but then after > issuing kinit admin I'm getting: > > kinit(v5): Cannot resolve network address for KDC in realm QXLTECH while > getting initial credentials > > My krb5.conf looks like this: > [libdefaults] > default_realm = QXLTECH > dns_lookup_realm = true > dns_lookup_kdc = true > ticket_lifetime = 24h > forwardable = yes > > [domain_realm] > .dc2 = QXLTECH > dc2 = QXLTECH > > [appdefaults] > pam = { > debug = false > ticket_lifetime = 36000 > renew_lifetime = 36000 > forwardable = true > krb4_convert = false > } > > Adding static kdc entry solved my problem. DNS is configured properly > with all necessary SRV and TXT entries. > > Do you have any ideas what could be wrong?
I dogged little bit deeper and straced kinit. It looks like kinit is picking up wrong domain name. My realm is QXLTECH but domain name .dc2 or .dc3 Kinit is requesting _kerberos._tcp.QXLTECH How can I change it? Regards, -- Tomasz Z. Napierała Systems Architecture Engineer, IT Infrastructure Department Allegro Team http://www.allegro.pl/ QXL Poland sp. z o.o. ul. Marcelińska 90, 60-324 Poznań NIP 779-21-25-257; Sąd Rejonowy Poznań - Nowe Miasto i Wilda w Poznaniu, Wydział VIII Gospodarczy KRS nr 0000104322 Kapitał zakładowy: 1.046.000 zł. _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users