Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
05-19-2006, 11:11 AM
|
#1
|
LQ Newbie
Registered: Feb 2006
Posts: 10
Rep:
|
Cannot resolve network address for KDC in requested realm while getting initial crede
I have users who are unable to login to a Red Hat machine.
Linux version 2.6.9-5.ELsmp(bhcompile@decompose.build.redhat.com) (gcc version 3.4.3 20041212 (Red Hat 3.4.3-9.EL4)) #1 SMP Wed Jan 5 19:30:39 EST 2005
There error is below:
Cannot resolve network address for KDC in requested realm while getting initial credentials
I dont know what this error is about and didnt find the answer on google yet. Any help would be greatly appreciated.
Thanks.
|
|
|
05-22-2006, 06:24 PM
|
#2
|
LQ Newbie
Registered: Feb 2006
Posts: 10
Original Poster
Rep:
|
I hope someone can direct me to the right answer here.
Thanks.
|
|
|
08-21-2007, 03:56 AM
|
#3
|
Red Hat India
Registered: Nov 2004
Location: Kerala/Pune,india
Distribution: RedHat, Fedora
Posts: 260
Rep:
|
Hello Humayun,
The error "Cannot resolve network address for KDC in requested realm while getting initial credentials" mainly pops up when you don't have your /etc/resolv.conf' or '/etc/hosts' file set up properly. Could you please verify this and also check that all your DNS servers are working fine.Each host's canonical name must be a FQDN, including the domain, and each host's IP address must reverse-resolve the canonical name. The basic thing is that your client should be able to resolve the server address ( kerberos name specified in the /etc/krb5.conf ) properly. Also please ensure that your system time is synchronized with the Kerberos server.Hosts are configured to reject responses from any KDC whose clock is not within the specified maximum clock skew ( 300 secs / 5 min ), as specified in the krb5.conf file. This directive (clockskew) must be specified in the [libdefaults] section.
Please check these and update us on the details.
Warm regards,
Vimal Kumar
Last edited by vimal; 08-22-2007 at 03:49 AM.
|
|
|
05-14-2009, 07:58 PM
|
#4
|
LQ Newbie
Registered: May 2006
Posts: 7
Rep:
|
Could be too many KDCs
In RHEL4, the kerberos library routine krb5int_make_srv_query_realm allocates a 2048 byte buffer for a DNS answer on the stack. I'm experiencing a DNS answer longer than that (2266 bytes) due to a large number of kdcs, but the routine just gives up, provoking the error message you experienced.
A workaround in /etc/krb5.conf is to use "dns_lookup_kdc = false" and to specify the kdc's for the domain explicitly. See the krb5.conf man page. Since I'm not reasonable, I'm trying to change the source code to allow a bigger DNS answer.
|
|
|
04-22-2011, 04:09 PM
|
#5
|
LQ Newbie
Registered: Oct 2006
Location: California / Moldova
Distribution: bunch of Ubuntu flavors
Posts: 29
Rep:
|
My fix
I was getting "kinit: Cannot find KDC for requested realm while getting initial credentials"
The fix was to rewrite the realm name in uppercase. I know, how silly. And it wasn't even me who wrote it "wrong" to begin with, it was the installer in Ubuntu.
Last edited by Andersonian; 04-22-2011 at 04:11 PM.
Reason: typo
|
|
|
11-15-2013, 10:45 AM
|
#6
|
LQ Newbie
Registered: Nov 2013
Posts: 2
Rep:
|
This is what worked for me
I fixed this problem by editing /etc/krb5.conf.
Changed it to:
[libdefaults]
default_realm = TESTDOM.LAN
dns_lookup_realm = false
dns_lookup_kdc = true
[realms]
TESTDOM.LAN = {
kdc = DC1.TESTDOM.LAN
admin_server = DC1.TESTDOM.LAN
}
[domain_realm]
.testdom.lan = TESTDOM.LAN
testdom.lan = TESTDOM.LAN
I hope this works for you.
|
|
|
All times are GMT -5. The time now is 03:50 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|