Troubleshooting
Troubleshooting Kerberos
Table | Table of Errors Messages (Continued) |
| |
|
|
|
|
| Clock skew too great in | This generally occurs | You will need to run |
| KDC reply while getting | because the system’s clock | ntp, or a similar |
| initial credentials | deviates too much from the | service to keep your |
|
| time on the authenticating | system’s clock |
|
| KDC. You are, generally, | synchronized with |
|
| allowed upto five minutes of | the world’s atomic |
|
| clock skew. | clock. If you do not |
|
|
| know how to do this |
|
|
| then you should |
|
|
| contact your system |
|
|
| administrator to |
|
|
| resolve this. |
|
|
|
|
| Requesting host | The host uses /etc/hosts |
|
| principal without | to resolve name lookups |
|
| before dns. If the line for the |
| |
| name. | host in /etc/hosts contains |
|
| Server not found in | unqualified domain name |
|
| before the |
| |
| Kerberos database while |
| |
| domain name. |
| |
| getting the credentials |
| |
|
|
| |
| from kdc | This problem can also be |
|
| Incorrect net address | caused if the /etc/hosts |
|
| has a different IP address |
| |
| while getting |
| |
| for a host from what the |
| |
| credentials from kdc |
| |
| DNS server has. |
| |
|
|
| |
|
|
|
|
| /opt/krb5/krb.conf | The krb.conf file has not | Copy the sample |
| not found | been created. | file, |
|
|
| krb5.conf.sample, |
|
|
| from |
|
|
| /opt/krb5/exampl |
|
|
| e and edit |
|
|
| accordingly. |
|
|
|
|
| Can’t open/find | When you try to create the | Copy the sample |
| Configuration file while | database and krb.conf file | file, |
| initializing Kerberos | is not found in the | krb.conf.sample, |
| code | /opt/krb5 directory the | from |
|
| following error message | /opt/krb5/exampl |
|
| occurs. | e and edit |
|
|
| accordingly. |
|
|
|
|
|
|
|
|
268 | Chapter 9 |
