I have scoured the internet for information on this error and found what should be the answer in the Kerberos FAQ, only it still isn't working.
I'm running from kdc1: /usr/krb5/sbin/kdb5_util dump /usr/krb5/lib/krb5kdc/slave_datatrans then: /usr/krb5/sbin/kprop -f /usr/krb5/lib/krb5kdc/slave_datatrans kdc2.mydomain.com The error is: /usr/krb5/sbin/kprop: Server rejected authentication (during sendauth exchange) while authenticating to server /usr/krb5/sbin/kprop: Incorrect net address signalled from server Error text from server: Incorrect net address I configured my DNS with the multi-homed hosts in mind as directed by Subject 2.14 of the Kerberos FAQ v2.0, using the "multiple address records per host" scheme that the author recommends. Output of the 'dig' command on both kdc1 and kdc2 shows all 3 addresses for each host pointing to the same hostname: ;; ANSWER SECTION: kdc1.mydomain.com. 1D IN A 10.1.1.98 kdc1.mydomain.com. 1D IN A 10.1.1.99 kdc1.mydomain.com. 1D IN A 10.1.1.101 ;; ANSWER SECTION: kdc2.mydomain.com. 1D IN A 10.1.1.102 kdc2.mydomain.com. 1D IN A 10.1.1.103 kdc2.mydomain.com. 1D IN A 10.1.1.104 The reverse lookup records are all there as well and 'dig' confirms each one matches the above forward lookup entries. I'm using Solaris 9. I know that I've confined the problem to the multihoming because if I remove multihoming on kdc1 and re-try the replication, it works fine. Does anyone know what I might be doing wrong?. Thanks and best regards, -Michael ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
