[Freeipa-users] Preauth pkinit failed to initialize
Simo Sorce
simo at redhat.com
Mon Oct 17 14:18:06 UTC 2011
On Mon, 2011-10-17 at 09:18 -0400, Jimmy Caldwell wrote:
> Freeipa will not start, suddenly. To my knowledge nothing changed
> since the time I knew it to start and now I'm getting these errors:
>
> In the krb5kdc log-
> (error): Preauth pkinit failed to initialize: no realms configured
> correctly for pkinit support
This shouldn't be fatal and should probably be ignored.
> In /var/log/messages-
> [named] failed to init credentials (client 'DNS/realm' not found in
> Kerberos database)
This means the KDC probably can't contact the LDAP server (unless
someone removed the DNS service entry).
Can you check your directory server is up and has it's ports open ?
We had an upgrade issue some times back where a rpm upgrade would fail
to properly update dse.lidf and would cause DS to not open ports for
other apps.
You may want to check if that's the case.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-users
mailing list