On Tue, Aug 7, 2012 at 1:24 PM, Simo Sorce <s...@redhat.com> wrote:
> Kerberos depends on proper name resolution. If a hostname cannot be
> resolved you cannot acquire tickets for it.
> So if your host ovm-c19-db does not have a DNS entry (either using IPA's
> DNS server or an external DNS server) you can't get tickets.
> also name resolution generally must match the hostname as that is what
> is used to register a client into ipa.

That seems fair.  DNS is well set up, though.  ovm-c19-db.<fqdn>
exists in DNS and ovm-auth is able to resolve it by short hostname and
FQDN.  On the client, hostname returns the FQDN, as well.

Is there anything in my log entries that make it look like it's a DNS
problem?  Again, I must stress, I'm new with Kerberos.

Thanks for your help!


Freeipa-users mailing list

Reply via email to