LinuxQuestions.org
Visit Jeremy's Blog.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
Reload this Page [SOLVED] Testing Kerberos
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 01-03-2015, 08:48 AM   #1
msoma
LQ Newbie
 
Registered: Dec 2014
Posts: 8

Rep: Reputation: Disabled
Testing Kerberos

hi, there i got problem on testing kerberos now, i have already test the DNS and its working
fine, but am on final steps to finish configure SAMBA as AD,

The error i encounter is this.

kinit administrator@TEST.COM
kinit: Cannot contact any KDC for realm 'TEST.COM' while getting initial credentials

my /etc/krb5.conf file has this arguments

[libdefaults]
default_realm = TEST.COM
dns_lookup_realm = false
dns_lookup_kdc = true

[realms]

TEST.COM = {
kdc = TEST.COM
admin_server = TEST.COM

}

[domain_realm]
.test.com = TEST.COM
test.com = TEST.COM

and my /etc/hosts file has this arguments.

127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6

10.0.0.100 modee.test.com


Please if any one can direct me to solve this problem, please i need your assistent.

thanks in Advance.
Last edited by msoma; 01-03-2015 at 08:53 AM. Reason: clarity
 
Old 01-03-2015, 10:30 AM   #2
Ser Olmy
Senior Member
 
Registered: Jan 2012
Distribution: Slackware
Posts: 3,339

Rep: Reputation: Disabled
According to krb5.conf, the KDC is called "test.com", while your hosts file has an entry for "modee.test.com". You need to make sure the KDC entry points to a name that resolves.

(You might want to consider setting up a local DNS zone, which is way better than using the hosts file. And if your Kerberos implementation happens to be Heimdal, you can then create SRV records for the KDC and get rid of krb5.com entirely.)
 
1 members found this post helpful.
Old 01-03-2015, 11:57 AM   #3
msoma
LQ Newbie
 
Registered: Dec 2014
Posts: 8

Original Poster
Rep: Reputation: Disabled
Do you mean the name which i type on /etc/resolv.conf file ?
if that there is another issue on this file whenever i restart the computer and connect to internet Network Manager generate
another nameserver and remove the domain name i typed.

what should be written on /etc/resolv.conf is

domain test.com
search test.com

nameserver 10.0.0.20

But what happen is when restart or connect to internet.

Generated by NetworkManager
search test.com
nameserver 192.168.1.1

And to what you have suggest on create SRV record for the KDC, honestly no idea about it if possible
walk me through step by step.

Thanks
 
Old 01-04-2015, 12:53 AM   #4
msoma
LQ Newbie
 
Registered: Dec 2014
Posts: 8

Original Poster
Rep: Reputation: Disabled
Thanks a lot it work, when I change the KDC name and made exactly what I kept on /etc/hosts file,

Thanks a lot really appreciated.

May Allah bless you and your family.[COLOR="Silver"]

---------- Post added 01-04-15 at 09:53 AM ----------
Last edited by msoma; 01-04-2015 at 01:20 AM.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
PAM Kerberos and ADS for Slackware-current - Call for testing ivandi Slackware 95 08-05-2015 10:46 PM
ssh and kerberos error: Server not found in Kerberos database Felipe Linux - Server 1 01-17-2011 03:12 AM
Testing Testing My Linux Counter rtrahan Linux - Newbie 3 02-23-2009 05:25 AM
Replace 'etch' with 'testing' in /etc/apt/sources.list to track 'testing' branch? Akhran Debian 3 04-09-2007 10:45 AM
Setup as getting debian testing files from ftp - will it stay with testing BrianHenderson Debian 2 09-02-2004 06:06 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 02:58 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration