[Samba] SAMBA4 kinit fails
Daniel Müller
mueller at tropenklinik.de
Mon Sep 6 12:35:21 MDT 2010
can your bind read from your krb5.conf??
-rwxrwxrwx 1 root named 389 11. Aug 14:33 /etc/krb5.conf
On Mon, 6 Sep 2010 09:01:45 -0400 (EDT), Neil Balchin <neil at neilandjo.com>
wrote:
> unfortunately even with
> ...
> [libdefaults]
> dns_lookup_realm = true
> dns_lookup_kdc = true
> ...
> in /etc/krb5.conf
>
> I still get
>
> kinit: Cannot contact any KDC for realm 'NEILANDJO.COM' while getting
> initial credentials
>
>
> error
>
>
> ----- Original Message -----
> From: "rajat swarup" <rajats at gmail.com>
> To: "Neil Balchin" <neil at neilandjo.com>
> Cc: "Aaron Solochek" <aarons-samba at aberrant.org>, samba at lists.samba.org
> Sent: Monday, 6 September, 2010 1:33:23 AM
> Subject: Re: [Samba] SAMBA4 kinit fails
>
> On Mon, Sep 6, 2010 at 12:54 AM, Neil Balchin <neil at neilandjo.com>
wrote:
>> I've tried that, i ran
>>
>> cp /usr/local/samba/private/krb5.conf /etc/krb5.conf
>>
>> contents of /etc/krb5.conf
>> are
>> ......
>>
>> [libdefaults]
>> default_realm = MYDOMAIN.COM
>> dns_lookup_realm = false
>> dns_lookup_kdc = false
>> ticket_lifetime = 24h
>> forwardable = yes
>>
>> [realms]
>> MYDOMAIN.COM = {
>> kdc = pdc.mydomain.com:88
>> admin_server = pdc.mydomain.com:749
>> default_domain = mydomain.com
>> }
>>
>> [domain_realm]
>> .mydomain.com = MYDOMAIN.COM
>> mydomain.com = MYDOMAIN.COM
>>
>
> Change the contents of /etc/krb5.conf to
> [libdefaults]
> dns_lookup_realm = true
> dns_lookup_kdc = true
>
> Even though the system is using DNS kerberos doesn't use DNS due to
> the settings that you've configured.
>
> Hope this helps!
> --
> Rajat Swarup
> www.rajatswarup.com
More information about the samba
mailing list