Hi Team,
Krb5kdc and kadmin services not getting started
PFB error logs
As you can see we are getting "Kerberos User Principal not found. Do you have a valid
Credential Cache?" upon getting new keytab
[root@dir ~]# tail -f /var/log/krb5kdc.log
krb5kdc: Server error - while fetching master key K/M for realm
IPA.DOMAIN.COM
krb5kdc: Server error - while fetching master key K/M for realm
IPA.DOMAIN.COM
krb5kdc: Server error - while fetching master key K/M for realm
IPA.DOMAIN.COM
krb5kdc: Server error - while fetching master key K/M for realm
IPA.DOMAIN.COM
krb5kdc: Server error - while fetching master key K/M for realm
IPA.DOMAIN.COM
krb5kdc: Server error - while fetching master key K/M for realm
IPA.DOMAIN.COM
krb5kdc: Server error - while fetching master key K/M for realm
IPA.DOMAIN.COM
krb5kdc: Server error - while fetching master key K/M for realm
IPA.DOMAIN.COM
krb5kdc: Server error - while fetching master key K/M for realm
IPA.DOMAIN.COM
krb5kdc: Server error - while fetching master key K/M for realm
IPA.DOMAIN.COM
-------------------------------------------------------------------------------------------------------
[root@dir ~]#
[root@dir ~]#
[root@dir ~]# tail -f /var/log/kadmind.log
Jul 24 19:49:57
dir.IPA.DOMAIN.COM kadmind[211105](Error): Server error while
initializing, aborting
Jul 24 19:56:29
dir.IPA.DOMAIN.COM kadmind[2807](Error): Server error while initializing,
aborting
Jul 24 20:50:50
dir.IPA.DOMAIN.COM kadmind[5803](Error): Server error while initializing,
aborting
Jul 24 20:55:02
dir.IPA.DOMAIN.COM kadmind[6560](Error): Server error while initializing,
aborting
Jul 24 21:39:45
dir.IPA.DOMAIN.COM kadmind[9520](Error): Server error while initializing,
aborting
----------------------------------------------------------------------------------------------------------
[root@dir ~]#
[root@dir ~]#
[root@dir ~]# klist -kt
Keytab name: FILE:/etc/krb5.keytab
KVNO Timestamp Principal
---- ------------------- ------------------------------------------------------
1 05/14/2019 13:23:12 host/dir.IPA.DOMAIN.COM(a)IPA.DOMAIN.COM
1 05/14/2019 13:23:12 host/dir.IPA.DOMAIN.COM(a)IPA.DOMAIN.COM
----------------------------------------------------------------------------------------------------------
[root@dir ~]#
[root@dir ~]#
[root@dir ~]# mv /etc/krb5.keytab /etc/krb5.keytab-bak
[root@dir ~]#
------------------------------------------------------------------------------------------------------------
[root@dir ~]# ipa-getkeytab -s
central01.ipa.domain.com -p
host/dir.IPA.DOMAIN.COM(a)IPA.DOMAIN.COM -k /etc/krb5.keytab
Kerberos User Principal not found. Do you have a valid Credential Cache?
[root@dir ~]#
[root@dir ~]#
Regards
Sai
________________________________
DISCLAIMER: The information in this message is confidential and may be legally privileged.
It is intended solely for the addressee. Access to this message by anyone else is
unauthorized. If you are not the intended recipient, any disclosure, copying, or
distribution of the message, or any action or omission taken by you in reliance on it, is
prohibited and may be unlawful. Please immediately contact the sender if you have received
this message in error. Further, this e-mail may contain viruses and all reasonable
precaution to minimize the risk arising there from is taken by OnMobile. OnMobile is not
liable for any damage sustained by you as a result of any virus in this e-mail. All
applicable virus checks should be carried out by you before opening this e-mail or any
attachment thereto.
Thank you - OnMobile Global Limited.