Troubleshooting
Troubleshooting Kerberos
Services ChecklistWhile troubleshooting ensure, that you have answered all the questions in the troubleshooting checklist in the section “Characterizing a Problem” on page 291. Ensure that your node name and the Internet address exists in the /etc/hosts file, and run the service on your own node. If the server is successful in authenticating, the client and the server side of the service operates correctly. This provides a starting point to determine where the problems are occurring.
Troubleshooting TechniquesTable
Table | Troubleshooting Scenarios |
| |
|
|
|
|
| Scenario | Cause | Troubleshooting |
|
|
| Tips |
|
|
|
|
| Permission denied while | The | Reset the permissions |
| initializing krb5. | /opt/krb5/krb.conf | to 644. |
|
| file is set to |
|
|
| root. |
|
|
|
|
|
| Host name cannot be | The hostname is longer | Add the 8 character |
| made canonical while | than 8 characters. A | name to the |
| selecting the best | uname | /etc/hosts file (just |
| principal. | first 8 characters of the | tack it on to the end |
|
| name. | of the current IP |
|
|
| address or host name |
|
|
| entry). |
|
|
|
|
| ASN.1 failed call to | This message is usually |
|
| system time library | displayed when a client |
|
| while dispatching. | is requesting a krbtgt |
|
|
| with a bad lifetime |
|
|
| value. |
|
|
|
|
|
296 | Chapter 11 |