Server Not Found in Kerberos DataBase

Question

I am facing a problem regarding kerberos database connection. I am unable to connect the kerberos database from another system where kerberos is not installed. here are the logs while running from system on which kerberos is not installed

May 10 15:08:39 D-9539 krb5kdc[11882](info): AS_REQ (4 etypes {18 17 16 23})
 **10.10.179.228**: ISSUE: authtime 1462873119, etypes {rep=18 tkt=18  nses=18}, mohanv@EXAMPLE.COM for krbtgt/EXAMPLE.COM@EXAMPLE.COM
May 10 15:08:40 D-9539 krb5kdc[11882](info): TGS_REQ (4 etypes {18 17 16 23}) 10.10.179.228: LOOKING_UP_SERVER: authtime 0,  mohanv@EXAMPLE.COM for **hbase/d-9539@EXAMPLE.COM**, **Server not found in Kerberos database**

Error:

Server not found in Kerberos database

and it is working fine on local machine that is where kerberos installed

logs while running locally on kerberos server

May 10 15:09:28 D-9539 krb5kdc[11882](info): AS_REQ (6 etypes {18 17 16 23 1 3}) **10.10.167.160**: ISSUE: authtime 1462873168, etypes {rep=18 tkt=18 
ses=18}, mohanv@EXAMPLE.COM for krbtgt/EXAMPLE.COM@EXAMPLE.COM

May 10 15:09:29 D-9539 krb5kdc[11882](info): TGS_REQ (6 etypes {18 17 16 23 1 3}) **10.10.167.160**: ISSUE: authtime 1462873168, etypes {rep=18 tkt=18 
ses=18}, mohanv@EXAMPLE.COM for **hbase/d-9539.mydomain.com@EXAMPLE.COM**

One thing that i have noted is in above logs i am getting for hbase/d-9539@EXAMPLE.COM

d-9539 is not my FQDN

while in second log i am getting for hbase/d-9539.mydomain.com@EXAMPLE.COM

i.e d-9539.mydomain.com my FQDN

Answer 1

Did you have configured krb5.conf file properly in the client machine? It seems the error because of missing or invalid DNS entries.

Some common Kerberos Error

Similar question here

Cannot get Kerberos service ticket: KrbException: Server not found in Kerberos database (7)

Answer 2

dns issue

solution:

one:

edit /etc/hosts map hbase/d-9539 hbase/d-9539

two:

if you use python paramiko client, can use param gss_trust_dns=False forbid host parse