Hi Bruno, Looks like Kerberos can't figure out which server(s) to contact. You can resolve the domain, but according to krb5.conf you use kdc.AmbLivre as your KDC.
You have to make sure Kerberos can find the IP address of kdc.AmbLivre, either by specifying it in /etc/hosts (which means it's still available should DNS fail) or make sure it can be found through DNS. See http://www.gnu.org/software/shishi/manual/html_node/Configuring-DNS-for-KDC.html for some more info on what you could (should?) put into DNS. Kind regards, Hans Bruno Steven wrote: > Hello > > I have problem for get tickets from kerberos in my Centos 5.2, when I type > this command /usr/local/kerberos/bin/kinit [email protected] > Show this message > > kinit(v5): Cannot resolve network address for KDC in realm LABCOM.UNASP > while getting initial credentials > > I don´t understand why this message !!! My DNS is work , I can resolve the > domain (LABCOM.UNASP) > > nslookup labcom.unasp > Server: 192.168.4.66 > Address: 192.168.4.66#53 > > Name: labcom.unasp > Address: 192.168.4.2 > > > My DNS server is on Windows 2003 Server , this command kinit was tested from > the server Linux with Centos 5.2 using version keberos 1.6 of MIT , follow I > paste kr5b.conf > > [libdefaults] > # determines your default realm name > default_realm = LABCOM.UNASP > default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5 > default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5 > permitted_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5 > kdc_timesync = 1 > ccache_type = 4 > forwardable = true > proxiable = true > > [realms] > LABCOM.UNASP = { > # specifies where the servers are and on > # which ports they listen (88 and 749 are > # the standard ports) > kdc = kdc.AmbLivre:88 > admin_server = kdc.AmbLivre:749 > default_domain = labcom.unasp > } > > [domain_realm] > # maps your DNS domain name to your Kerberos > # realm name > .labcom.unasp = LABCOM.UNASP > labcom. = LABCOM.UNASP > [kdc] > profile = /var/kerberos/krb5kdc/kdc.conf > [logging] > # determines where each service should write its > # logging info > kdc = SYSLOG:INFO:DAEMON > admin_server = SYSLOG:INFO:DAEMON > default = SYSLOG:INFO:DAEMON > > > and kdc.conf > > [kdcdefaults] > v4_mode = nopreauth > kdc_tcp_ports = 750,88 > > [realms] > LABCOM.UNASP = { > database_name = /var/kerberos/krb5kdc/principal > key_stash_file = /var/kerberos/krb5kdc/.k5.LABCOM.UNASP > master_key_type = des3-hmac-sha1 > acl_file = /var/kerberos/krb5kdc/kadm5.acl > dict_file = /usr/share/dict/words > admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab > supported_enctypes = des3-hmac-sha1:normal arcfour-hmac:normal > des-hmac-sha1:normal des-cbc-md5:normal des-cbc-crc:normal des-cbc-crc:v4 > des-cbc-crc:a > fs3 > kdc_ports = 750,88 > max_file = 10h 0m 0s > max_renewable_life = 7d 0h 0m 0s > } > > I try resolv but I can´t resolve this problem , somebody can helpme get > ticket from keberos !!! > > Thanks > ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
