[Samba] kerberos_kinit_password administrador@REALM failed: Cannot
resolve network address for KDC in requested realm
Henrik Nordstrom
henrik at marasystems.com
Tue Sep 13 03:09:34 GMT 2005
Trying to join a largeish ADS forest with Samba-3.0.10 on Fedora Core 2
but can not seem to get past this error:
kerberos_kinit_password administrador at REALM failed: Cannot resolve
network address for KDC in requested realm
From looking at a traffic dump I see the following
1. LDAP connect to one of the AD servers
2. DNS PTR lookup of the same server IP, returning a good name
3. LDAP search at the root to find ldapServiceName and currentTime.
Successful.
4. LDAP SASL GSS-SPNEGO bind request
5. LDAP SASL GSS-SPNEGO initial handshake challenge
6. DNS lookup of SRV _kerberos._udp.BANCOGUAYANA.COM.VE
7. Successful DNS response, 49 servernames and their addresses. ca
3.2KB of DNS data.
8,9 same as 6,9 but for _tcp instead. Exact same list returned.
[connections closed].
and the error message above is given.
All the ADS, LDAP and KDC servers as Microsoft Active Directory servers.
Seems to work manually specifying the KDC in krb5.conf but we would very
much prefer having the automatic lookup working..
More information about the samba
mailing list