On Mon, 2011-10-17 at 09:18 -0400, Jimmy Caldwell wrote:
> Freeipa will not start, suddenly. To my knowledge nothing changed
> since the time I knew it to start and now I'm getting these errors:
> In the krb5kdc log-
> (error): Preauth pkinit failed to initialize: no realms configured
> correctly for pkinit support

This shouldn't be fatal and should probably be ignored.

> In /var/log/messages-
> [named] failed to init credentials (client 'DNS/realm' not found in
> Kerberos database)

This means the KDC probably can't contact the LDAP server (unless
someone removed the DNS service entry).

Can you check your directory server is up and has it's ports open ?

We had an upgrade issue some times back where a rpm upgrade would fail
to properly update dse.lidf and would cause DS to not open ports for
other apps.
You may want to check if that's the case.


Simo Sorce * Red Hat, Inc * New York

Freeipa-users mailing list

Reply via email to