0

I've been playing with my openAFS setup, and adding keys for the afs principle for kerberos. Now, suddenly, Kerberos has gone down (or something). 

Kadmin gives the following error:
kadmin -p admin
Authenticating as principal admin with password.
admin: Cannot contact any KDC for requested realm while initializing kadmin interface

Kinit:
kinit: Cannot contact any KDC for realm '***' while getting initial credentials

Please help (desperate)

user9517
  • 114,104
  • 20
  • 206
  • 289
pypmannetjies
  • 129
  • 6
  • Restarting Kerberos administrative servers: kadmind failed! Restarting Kerberos KDC: krb5kdc failed! – pypmannetjies Jul 15 '11 at 08:12
  • Can you provide more details about why kadmind and krb5kdc say they're failing to start? stderr output, logs, etc. would be helpful in troubleshooting the issue. – Handyman5 Jul 15 '11 at 14:52
  • I'm guessing there is a permissions problem with the kadmin / krb5kdc services. But there is no way to say for sure without you posting logs and error output. – wzzrd Jul 21 '11 at 11:01

1 Answers1

0

Red Hat Ent. Linux 4 kerberos libraries had a fixed amount of memory they would use when using DNS to look up KDCs, and if the DNS response came back too big (e.g., you added one more KDC that pushed you over the space limit for the DNS answer), it would fail. That section of code in RHEL5 is just about completely different, and doesn't suffer from that problem. The code reflects upstream, so it is likely in some versions of other distributions as well.

You environment may or may not be affected.

Stephen P. Schaefer
  • 106
  • 8