krb5 + nscd + SRV records

"Jóhann B. Guðmundsson" johannbg at hi.is
Tue Jun 30 22:23:39 UTC 2009


On 06/30/2009 09:13 PM, Jack Neely wrote:
> kinit(v5): Cannot resolve network address for KDS in realm
>    

3 things on the top of me rusty head..

First broken dns setup make sure you can just test it with usual lookups 
procedures...

Second Different domains for KDC and LDAP client

Try mapping the FQDN ldap domain name with the kdc domain name in 
etc/krb5.conf.

[domain_realm]
.fqdn.forldap.nscu.edu =eos.nscu.edu

Thirdly try adding “single-request” to the options in /etc/resolv.conf 
#Just some recently made changes I keep in the back of my head

+Boost up the loglevel in ncsd and see if it spits out something useful..

Add these lines to enable nscd logging /etc/nscd.conf
logfile /var/log/nscd.log # note you need to create the file first..
debug-level 10

Start with this I'm going to see if I can duplicate this @ work tomorrow...

JBG




More information about the test mailing list