This is probably some stupid error I've overlooked, but I've been working on this on and off for about a week.

Running version 1.10.3 release 17.fc18

This is my krb5.conf

default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log


   default_domain = kerberos.internal.com
   kdc = kerberos.internal.com:
   admin_server = kerberos.internal.com:

I know the DNS is working correctly

$ host kerberos.internal.com
kerberos.internal.com has address

And the server is running

krb5kdc.service - Kerberos 5 KDC
   Loaded: loaded (/usr/lib/systemd/system/krb5kdc.service; enabled)
   Active: active (running) since Tue 2013-06-25 21:42:07 EDT; 10min ago

But this still happends

$ kinit -V kadmin/admin
Using default cache: /tmp/krb5cc_0
Using principal: kadmin/admin@KERBEROS.INTERNAL.COM
kinit: Cannot contact any KDC for realm 'KERBEROS.INTERNAL.COM' while getting initial credentials

And this

$ kadmin -p kadmin/admin
Authenticating as principal kadmin/admin with password.
kadmin: Cannot contact any KDC for requested realm while initializing kadmin interface

Is it just some stupid mistake, or did I screw up the installation or something? I've messed around with DNS options a bit, and I don't think they make much of a difference. It is definitely accepting connections, and the journal shows absolutley nothing.

  • 141
  • 1
  • 1
  • 5

1 Answers1


The problem is likely the hanging colons at the end of the kdc line.

kdc kerberos.internal.com:

Either get rid of the colon or add the port that the kdc is running on.

kdc kerberos.internal.com:88