Welcome to the most active Linux Forum on the web.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 05-19-2006, 11:11 AM   #1
LQ Newbie
Registered: Feb 2006
Posts: 10

Rep: Reputation: 0
Cannot resolve network address for KDC in requested realm while getting initial crede

I have users who are unable to login to a Red Hat machine.

Linux version 2.6.9-5.ELsmp( (gcc version 3.4.3 20041212 (Red Hat 3.4.3-9.EL4)) #1 SMP Wed Jan 5 19:30:39 EST 2005

There error is below:
Cannot resolve network address for KDC in requested realm while getting initial credentials

I dont know what this error is about and didnt find the answer on google yet. Any help would be greatly appreciated.
Old 05-22-2006, 06:24 PM   #2
LQ Newbie
Registered: Feb 2006
Posts: 10

Original Poster
Rep: Reputation: 0
I hope someone can direct me to the right answer here.
Old 08-21-2007, 03:56 AM   #3
Red Hat India
Registered: Nov 2004
Location: Kerala/Pune,india
Distribution: RedHat, Fedora
Posts: 260

Rep: Reputation: 34
Hello Humayun,

The error "Cannot resolve network address for KDC in requested realm while getting initial credentials" mainly pops up when you don't have your /etc/resolv.conf' or '/etc/hosts' file set up properly. Could you please verify this and also check that all your DNS servers are working fine.Each host's canonical name must be a FQDN, including the domain, and each host's IP address must reverse-resolve the canonical name. The basic thing is that your client should be able to resolve the server address ( kerberos name specified in the /etc/krb5.conf ) properly. Also please ensure that your system time is synchronized with the Kerberos server.Hosts are configured to reject responses from any KDC whose clock is not within the specified maximum clock skew ( 300 secs / 5 min ), as specified in the krb5.conf file. This directive (clockskew) must be specified in the [libdefaults] section.

Please check these and update us on the details.

Warm regards,

Vimal Kumar

Last edited by vimal; 08-22-2007 at 03:49 AM.
Old 05-14-2009, 07:58 PM   #4
LQ Newbie
Registered: May 2006
Posts: 7

Rep: Reputation: 5
Unhappy Could be too many KDCs

In RHEL4, the kerberos library routine krb5int_make_srv_query_realm allocates a 2048 byte buffer for a DNS answer on the stack. I'm experiencing a DNS answer longer than that (2266 bytes) due to a large number of kdcs, but the routine just gives up, provoking the error message you experienced.

A workaround in /etc/krb5.conf is to use "dns_lookup_kdc = false" and to specify the kdc's for the domain explicitly. See the krb5.conf man page. Since I'm not reasonable, I'm trying to change the source code to allow a bigger DNS answer.
Old 04-22-2011, 04:09 PM   #5
LQ Newbie
Registered: Oct 2006
Location: California / Moldova
Distribution: bunch of Ubuntu flavors
Posts: 29

Rep: Reputation: 15
My fix

I was getting "kinit: Cannot find KDC for requested realm while getting initial credentials"

The fix was to rewrite the realm name in uppercase. I know, how silly. And it wasn't even me who wrote it "wrong" to begin with, it was the installer in Ubuntu.

Last edited by Andersonian; 04-22-2011 at 04:11 PM. Reason: typo
Old 11-15-2013, 10:45 AM   #6
LQ Newbie
Registered: Nov 2013
Posts: 2

Rep: Reputation: Disabled
This is what worked for me

I fixed this problem by editing /etc/krb5.conf.
Changed it to:

default_realm = TESTDOM.LAN
dns_lookup_realm = false
dns_lookup_kdc = true

admin_server = DC1.TESTDOM.LAN

.testdom.lan = TESTDOM.LAN
testdom.lan = TESTDOM.LAN

I hope this works for you.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
ifup eth0 causing error messages - SIOCGIFADDR: Cannot assign requested address pxumsgdxpcvjm Linux - Networking 7 01-20-2006 07:22 PM
Ssh tunnel : cannot assign requested address sieker Linux - Networking 6 11-11-2005 02:10 PM
why does gateway ip address work to resolve names? tmmort Linux - Networking 3 09-26-2005 01:58 PM
Resolve IP to MAC Address TheRealDeal Linux - General 1 12-03-2003 08:16 PM
sendmail quits - cannot bind: Cannot assign requested address scott_r_wagner Linux - Software 5 09-14-2003 06:40 PM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 05:57 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration