[Freeipa-users] New FreeIPA Install; Testing for Proof of Concept
Rob Ogilvie
rob at axpr.net
Tue Aug 7 20:35:02 UTC 2012
On Tue, Aug 7, 2012 at 1:24 PM, Simo Sorce <simo at redhat.com> wrote:
> Kerberos depends on proper name resolution. If a hostname cannot be
> resolved you cannot acquire tickets for it.
> So if your host ovm-c19-db does not have a DNS entry (either using IPA's
> DNS server or an external DNS server) you can't get tickets.
> also name resolution generally must match the hostname as that is what
> is used to register a client into ipa.
That seems fair. DNS is well set up, though. ovm-c19-db.<fqdn>
exists in DNS and ovm-auth is able to resolve it by short hostname and
FQDN. On the client, hostname returns the FQDN, as well.
Is there anything in my log entries that make it look like it's a DNS
problem? Again, I must stress, I'm new with Kerberos.
Thanks for your help!
Rob
More information about the Freeipa-users
mailing list