[Freeipa-users] Problem with KRB DNS discovery (i think)
Tomasz Z. Napierala
tomasz.napierala at allegro.pl
Wed Nov 25 14:50:07 UTC 2009
Hi,
I'm getting problems installing clients with default ipa-client-install
values. Relam and domain are both discovered successfully but then after
issuing kinit admin I'm getting:
kinit(v5): Cannot resolve network address for KDC in realm QXLTECH while
getting initial credentials
My krb5.conf looks like this:
[libdefaults]
default_realm = QXLTECH
dns_lookup_realm = true
dns_lookup_kdc = true
ticket_lifetime = 24h
forwardable = yes
[domain_realm]
.dc2 = QXLTECH
dc2 = QXLTECH
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
Adding static kdc entry solved my problem. DNS is configured properly
with all necessary SRV and TXT entries.
Do you have any ideas what could be wrong?
Regards,
--
Tomasz Napierała
Systems Architecture Engineer,
IT Infrastructure Department
Allegro Team
http://www.allegro.pl/
QXL Poland sp. z o.o.
ul. Marcelińska 90, 60-324 Poznań
NIP 779-21-25-257;
Sąd Rejonowy Poznań - Nowe Miasto i Wilda w Poznaniu, Wydział VIII
Gospodarczy
KRS nr 0000104322
Kapitał zakładowy: 1.046.000 zł.
More information about the Freeipa-users
mailing list