0

I installed freeipa on centos7 - the installation did not throw any errors nor could I find anything unusual in the ipa install log file. However, when I run the kinit command post installation, I get the following response:

kinit admin

kinit: Generic error (see e-text) while getting initial credentials

Any thoughts on how to go about troubleshooting this?

Edit: In the /var/log/krb5kdc.log file, I see the following entry:

preauth pkinit failed to initialize: PKINIT initialization failed: Cannot read cert
ificate file '/var/kerberos/krb5kdc/kdc.crt': No such file or directory
ali haider
  • 19,175
  • 17
  • 80
  • 149
  • If you are not using a smartcard in this case I wouldn't focus on the pkinit error. I would instead focus on the kinit problem and to start off, I would ask to see your /etc/krb5.conf file - its a fairly small file. krb5.conf is a complement to DNS in that it allows the system to see where the important Kerberos resources are on the network. – T-Heron Jun 18 '18 at 11:01

1 Answers1

0

I ran the installation on centos and kinit works fine (I had to ensure that I was specifying the correct domain name during the installation script).

ali haider
  • 19,175
  • 17
  • 80
  • 149