/etc/krb5.conf is malformed

Bug #179142 reported by doclist
Affects: kerberos-configs (Ubuntu)
Status: Fix Released
Importance: Undecided
Assigned to: Unassigned

Bug Description

Binary package hint: krb5-config

The value for the default_realm variable in /etc/krb5.conf is not
specified. When kinit tries to parse the configuration file the
following error is produced: "kinit(v5): Improper format of Kerberos
configuration file while initializing Kerberos 5 library". strace
indicates that krb5.conf is the offending file.

Proposed resolution: Specify arbitrary non-valid domain name
(e.g. default_realm = INVALID.INVALID).

Output of strace:
----------
stat64("/etc/krb5.conf", {st_mode=S_IFREG|0644, st_size=3230, ...}) = 0
open("/etc/krb5.conf", O_RDONLY) = 4
access("/etc/krb5.conf", W_OK) = -1 EACCES (Permission denied)
fstat64(4, {st_mode=S_IFREG|0644, st_size=3230, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f8a000
read(4, "[libdefaults]\n\tdefault_realm = \n"..., 4096) = 3230
close(4) = 0
munmap(0xb7f8a000, 4096) = 0
write(2, "kinit(v5): Improper format of Ke"..., 58kinit(v5): Improper format of Kerberos configuration file ) = 58
write(2, "while initializing Kerberos 5 li"..., 37while initializing Kerberos 5 library) = 37
write(2, "\n", 1
) = 1
exit_group(1) = ?
----------

Fredrik S (frsk) wrote :

This bug's also in Hardy, with the exact same symptoms.

Commenting the line "default_realm =" is also a solution that could be considered.

Chris Oattes (cjo20)
Changed in kerberos-configs:
assignee: nobody → cjo20
status: New → In Progress
Chris Oattes (cjo20) wrote :

I believe that this bug was fixed in kerberos-configs v1.18, which was pushed in intrepid-release on 2008-05-03

Changed in kerberos-configs:
assignee: cjo20 → nobody
status: In Progress → Fix Released
Ondra Žižka (zizka) wrote :

On my system, this bug still appears.
Ubuntu 8.04 - Hardy Heron, updated.

ondra@ondra:~$ kinit
kinit(v5): Improper format of Kerberos configuration file while initializing Kerberos 5 library
ondra@ondra:~$ uname -a
Linux ondra 2.6.24-27-server #1 SMP Fri Mar 12 01:45:06 UTC 2010 i686 GNU/Linux
ondra@ondra:~$

What should I do?
Thanks

Ondra Žižka (zizka) wrote :

Was it only fixed in Intrepid?

Ondra Žižka (zizka) wrote :

The same with sudo, I forgot to add in the example above.

Kritshekhar (kritshekharjha) wrote :

I'm trying to configure my Samba server with Kerberos authentication, and when I'm trying to create a new database I get an error:

[root@localhost ~]# kdb5_util create -r MYGROUP.COM -s
(null): Improper format of Kerberos configuration file while initializing Kerberos code

I'm using MIT Kerberos V5-1.6

The krb5.conf file is like:

[libdefaults]
    ticket_lifetime = 24000
    default_realm = INVALID.INVALID
    dns_lookup_realm = false
    dns_lookup_kdc = false
    forwardable = yes

[realms]
    MYGROUP.COM = {
        kdc = kerberos.mygroup.com.:88
        admin_server = kerberos.mygroup.com:749
        default_domain = mygroup.com
    }

[domain_realm]
    . mygroup.com = MYGROUP.COM
    mygroup.com = MYGROUP.COM

[kdc]
    profile = /var/kerberos/krb5kdc/kdc.conf

[appdefaults]
    pam = {
        debug = false
        ticket_lifetime = 36000
        renew_lifetime = 36000
        forwardable = true
        krb4_convert = false
    }

Can someone please suggest what I should do?

Russ Allbery (rra-debian) wrote : Re: [Bug 179142] Re: /etc/krb5.conf is malformed

Kritshekhar <email address hidden> writes:

> I'm trying to configure my Samba server with Kerberos authentication, and
> when I'm trying to create a new database I get an error

> [root@localhost ~]# kdb5_util create -r MYGROUP.COM -s
> (null): Improper format of Kerberos configuration file while initializing Kerberos code

> [realms]
> MYGROUP.COM = {
> kdc = kerberos.mygroup.com.:88

I'm not sure if this is your problem, but the trailing period here looks
suspicious. Try removing the period just before the colon.

--
Russ Allbery (<email address hidden>) <http://www.eyrie.org/~eagle/>
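
A small check for the two lines questioned in this thread, the empty "default_realm =" from the bug description and the trailing period in the kdc host from the reply above. This is an added example, not code from kerberos-configs or MIT Kerberos, and it does not reproduce the MIT parser; lint_krb5_conf, HOST_TAGS and the sample text are constructed for illustration.

```python
import re

# Constructed sample combining the two lines questioned in this thread.
SAMPLE = """\
[libdefaults]
    default_realm =
[realms]
MYGROUP.COM = {
    kdc = kerberos.mygroup.com.:88
    admin_server = kerberos.mygroup.com:749
}
"""

HOST_TAGS = {"kdc", "admin_server"}      # host-valued tags seen on this page
TRAILING_DOT = re.compile(r"[^:\s]+\.(:\d+)?")

def lint_krb5_conf(text):
    """Return (line_number, message) findings; blanks and #/; comments are skipped."""
    sig = [(n, l.strip()) for n, l in enumerate(text.splitlines(), 1)
           if l.strip() and l.strip()[0] not in "#;"]
    findings, depth = [], 0
    for i, (n, line) in enumerate(sig):
        nxt = sig[i + 1][1] if i + 1 < len(sig) else ""
        if line.startswith("["):
            if depth:
                findings.append((n, "new section inside an unclosed '{'"))
            depth = 0
        elif line == "{":
            depth += 1
        elif line.startswith("}"):
            if depth == 0:
                findings.append((n, "unmatched '}'"))
            depth = max(depth - 1, 0)
        else:
            tag, sep, value = (p.strip() for p in line.partition("="))
            if not sep or not tag:
                findings.append((n, "not of the form 'tag = value'"))
            elif value == "{":
                depth += 1
            elif value == "" and nxt != "{":   # assumption: '{' may follow on its own line
                findings.append((n, f"'{tag}' has an empty value"))
            elif tag in HOST_TAGS and TRAILING_DOT.fullmatch(value):
                findings.append((n, f"'{tag}' host ends with a period"))
    if depth:
        findings.append((sig[-1][0], "missing closing '}'"))
    return findings

if __name__ == "__main__":
    print(*lint_krb5_conf(SAMPLE), sep="\n")
```

Running it against a copy of /etc/krb5.conf before deploying the file gives the line number of the offending relation, which the kinit error message does not.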

Kritshekhar (kritshekharjha) wrote :

Thanks, and yes, I too got suspicious regarding the trailing period, hence removed it, but still there is some issue.

Here is what happens when I try:

[root@localhost ~]# kdb5_util create -r MYGROUP.COM -s
Loading random data
Initializing database '/var/lib/krb5kdc/principal' for realm 'MYGROUP.COM',
master key name '<email address hidden>'
You will be prompted for the database Master Password.
It is important that you NOT FORGET this password.
Enter KDC database master key:
Re-enter KDC database master key to verify:
create: File exists while creating database '/var/lib/krb5kdc/principal'
[root@localhost ~]# kadmin.local
Authenticating as principal <email address hidden> with password.
kadmin.local: No such file or directory while initializing kadmin.local interface
[root@localhost ~]#

I think there is some path issue,
because it says "File exists while creating database '/var/lib/krb5kdc/principal'" but there is no such location on my machine,
and the location of the kdc.conf file is "/var/kerberos/krb5kdc/kdc.conf"
and the krb5.conf file is /etc/krb.conf

Please suggest something.

PS: I'm trying this in CentOS

Kritshekhar (kritshekharjha) wrote :

Hi, I changed my flavour of OS to Ubuntu and some part worked. But still, when I try out the command

kadmin -p krit

("krit" is a user), it gives an error:

kadmin: Cannot contact any KDC for requested realm while initializing kadmin interface

Please suggest something

Kritshekhar (kritshekharjha) wrote :

Hi, it was a DNS issue, which I resolved, but now the problem is something different.
When I try to join my user to the MYGROUP domain
using
net ads join -Ukrit%****
<**** is the password>
the error prompted is:

[2012/03/21 19:52:57.061994, 0] param/loadparm.c:7599(lp_do_parameter)
Ignoring unknown parameter "use kerberos keytab method"
Enter root's password:
Failed to join domain: failed to find DC for domain MYGROUP.COM

Please suggest something :(

yaro014 (yaro014) wrote :

sudo mv /etc/krb5.conf /etc/krb5.conf.d

^^ Solves the problem.
