0

I'm using Red Hat 5 client to authenticate to a Windows 2003 KDC (or trying to anyway), but when I run

kinit vwwebseal@VWXAUTHN.LOCAL

I get

kinit(v5): Cannot find KDC for requested realm while getting initial credentials

When I use nslookup, the Red Hat machine can successfully look up the KDC:

[root@vwwebseal ~]# nslookup vwkdc.vwxauthn.local
Server:         10.150.26.64
Address:        10.150.26.64#53

Name:   vwkdc.vwxauthn.local
Address: 10.150.26.64

This is my krb5.conf file:

[libdefaults]
default_realm = VWXAUTHN.LOCAL
default_keytab_name = FILE:/etc/krb5/krb5.keytab
default_tkt_enctypes = rc4-hmac
default_tgs_enctypes = rc4-hmac

[realms]
VWXAUTHN.LOCAL = {
kdc = vwkdc.vwxauthn.local:88
admin_server = vwkdc.vwxauthn.local:749
default_domain = vwxauthn.local
}

[domain_realm]
.vwxauthn.local = VWXAUTHN.LOCAL
vwkdc.vwxauthn.local = VWXAUTHN.LOCAL

[logging]
kdc = FILE:/var/krb5/log/krb5kdc.log
admin_server = FILE:/var/krb5/log/kadmin.log
default = FILE:/var/krb5/log/krb5lib.log

snibbets
  • 131
  • 1
  • 7
  • _When I use nslookup, the Red Hat machine can successfully look up the KDC (vwkdc.vwxauthn.local)._ --> Could you please show us the output? – quanta Sep 11 '12 at 04:22
  • Check /etc/hosts (or run getent hosts vwkdc.vwxauthn.local) if nsswitch.conf means kerberos uses the hosts file rather than DNS to look for the KDC. – ramruma Sep 11 '12 at 06:55

1 Answers1

0

It's okay, I solved it. When I ran config.krb5 it created a file at /etc/krb5/krb5.conf, but a file already existed at /etc/krb5.conf. It was using that configuration instead of the one I created, so I removed /etc/krb5.conf.

snibbets
  • 131
  • 1
  • 7