Hello all!

On my replica IPA server after fixing a cert issue that had been going on for 
sometime, I have all my certs figured out but the krb5kdc service will not 
start.

# service krb5kdc start
Starting Kerberos 5 KDC: krb5kdc: cannot initialize realm ITMODEV.GOV - see log 
file for details                  [FAILED]

# cat /var/log/krb5kdc.log
krb5kdc: Server error - while fetching master key K/M for realm ITMODEV.GOV
krb5kdc: Server error - while fetching master key K/M for realm ITMODEV.GOV
krb5kdc: Server error - while fetching master key K/M for realm ITMODEV.GOV

I found this article online:  
http://research.imb.uq.edu.au/~l.rathbone/ldap/kerberos.shtml

Which stated it might be because The slave KDC does not have a stash file 
(.k5.EXAMPLE.COM). You need to create one.  Tried the command listed:

# kdb5_util stash
kdb5_util: Server error while retrieving master entry

No further information found on the proceeding error above for the kdb5_util 
command.

Any thoughts?



-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to