Hey i am trying to authenticate my apache to active directory true kerberos. But i keep getting this error in my apache logs:
krb5_get_init_creds_password() failed: Cannot find KDC for requested realm

however everything seems to be awright in my opinion can someone take a look.

httpd.conf looks like this
--------------------------
<Directory /home/vanessa/>
Options FollowSymLinks
AllowOverride None
AuthType Kerberos
AuthName "Kerberos Login"
KrbMethodNegotiate On
KrbMethodK5Passwd On
KrbAuthRealms SERVER.EXAMPLE.COM
Krb5KeyTab /etc/temp/auth_kerb.keytab
require valid-user
</Directory>

/etc/temp/auth_kerb.keytab looks like this
---------------------------
HTTP/SERVER.EXAMPLE.COM@EXAMPLE.COM



krb5.conf looks like this
--------------------------
[libdefaults]
ticket_lifetime = 24000
default_realm = EXAMPLE.COM
dns_lookup_realm = false
dns_lookup_kdc = false

[realms]
EXAMPLE.COM = {
kdc = SERVER.EXAMPLE.COM:88
}

[domain_realm]
.example.com = EXAMPLE.COM
example.com = EXAMPLE.COM

[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}

____________________________________
Then i try localhost/vanessa a popup appears where i need to type in credentials from active directory, i pass them in correctly. and then it pops up again and again and again and again. Then i viewed the apache error logs==>
krb5_get_init_creds_password() failed: Cannot find KDC for requested realm

Help?

Hey there did you get this one to work? Having similiar issues but am outa steam too, so just browsin' old threads :-)...

Basically your apache is saying, that it can't find any KDC(your domain controller), so the authentication is failing.

Perhaps, did you try to authenticate using or to check if the kerberos authentication is working? In your case, should probably work too... but I think the fqdn name in keytab(SERVER.EXAMPLE.COM) should match the DNS, which is probably lower-case (server.example.com).