[Samba] ADS and samba domain member: ads_connect: Cannot resolve network address for KDC in requ

David Shapiro David.Shapiro at bcbsnc.com
Wed Feb 1 16:07:01 GMT 2006


Thanks,
 
Unfortunately, I still got the same error.  I may be wrong, but it is
like it does the automatic lookup process of kdc instead of using the
krb5.conf file.  However, as per my note below, if I do add bad config
info to the krb5.conf, it does complain.
 
David
 
 
David Shapiro
Unix Team Lead
919-765-2011

>>> Dimitri Yioulos <dyioulos at firstbhph.com> 2/1/2006 10:15:49 AM >>>

On Wednesday February 01 2006 9:41 am, David Shapiro wrote:
> Hello,
>
> I am having a problem getting my server to join our realm as a
domain
> member server.   I have read through google, yahoo, and this list,
but I
> cannot find the answer yet.
>
> When I run: net join ads -Uadministrator and try to login it gives
the
> following error:
>
>  kerberos_kinit_password Administrator at MYREALM.COM failed: Cannot
> resolve network address for KDC in requested realm
> [2006/02/01 09:33:46, 0] ../utils/net_ads.c:ads_startup(191)
>   ads_connect: Cannot resolve network address for KDC in requested
> realm
>
> The details of my setup are:
>
> aix 5.2.0.7
> libiconv-1.9.1
> autoconf-2.59
> libiodbc-3.52.4
> bison-2.0
> m4-1.4.3
> db-4.4.20
> mysql-connector-odbc-3.51.12
> krb
> samba-3.0.21a
>
> ../configure --prefix=/usr/local/samba --with-ads --with-ldap
> --with-winbind --with-acl-support --with-utmp --with-quotas
> --with-sendfile-support
>
> openldap-2.3.19
>
> ./configure --enable-crypt --without-cyrus-sasl
>
>
> unixODBC-2.2.11
> gcc 3.3.2
>
> /etc/krb5.conf:
>
> [libdefaults]
>         default_realm = MYREALM.COM
>         default_etypes = des-cbc-crc des-cbc-md5
>         default_etypes_des = des-cbc-crc des-cbc-md5
>         ticket_lifetime = 24000
>         clockskew = 300
>         dns_lookup_realm = false
>         dns_lookup_kdc = false
>
> [realms]
>         MYREALM.COM = {
>                 kdc = myadsserver.mydomain.com
>                 default_domain = mydomain.com
>         }
>
> [domain_realm]
>         .mydomain.com = MYREALM.COM
>
> [logging]
>         kdc = FILE:/var/log/kdc.log
>         admin_server = FILE:/var/log/kadmin.log
>         default = FILE:/var/log/krb5lib.log
>
> /etc/hosts:
> 1.2.3.4   myadsserver.mydomain.com myadsserver
>
>
> Note: Nothing goes into the logs and if I move aisde thekrb5.conf it
> still tries automatically MYREALM.COM.  I put an error int he
krb5.conf
> file to see if it would notice, and it does warn about it, so it is
> looking in krb5.conf.
>
>
>
>
> David Shapiro
> Unix Team Lead
> 919-765-2011
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba

In krb5.conf, try this:

[realms]
  YOURDOMAIN.COM = {
       default_domain = yourdomain.com
       kdc = xxx.xxx.xxx.xxx   (my note - use ip address of AD server)
       admin_server = xxx.xxx.xxx.xxx  (my note - use ip address of AD
server)
}

HTH.

Dimitri

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba



More information about the samba mailing list