kinit: Cannot find KDC for realm while getting initial credentials
Problem is that you need
dns_lookup_kdc = true
in your /etc/krb5.conf under the [libdefaults] section file:
[root@mysql01 ~]# kinit tom@mds.xyz
kinit: Cannot find KDC for realm "mds.xyz" while getting initial credentials
[root@mysql01 ~]#
[root@mysql01 ~]# vi /etc/krb5.conf
[root@mysql01 ~]# systemctl restart sssd
[root@mysql01 ~]# kinit tom@mds.xyz
Password for tom@mds.xyz:
[root@mysql01 ~]#
The other source of this error is that you're really missing the realm:
Sep 22 16:45:45 mdskvm-p01 [sssd[krb5_child[16698]]]: Cannot find KDC for realm "MDS.XYZ"
so to solve it add this block:
[realms]
MDS.XYZ = {
kdc = ad.mds.xyz
default_domain = mds.xyz
}
And the following:
[domain_realm]
.nix.mds.xyz = NIX.MDS.XYZ
nix.mds.xyz = NIX.MDS.XYZ
mdskvm-p01.nix.mds.xyz = NIX.MDS.XYZ
.mds.xyz = MDS.XYZ
mds.xyz = MDS.XYZ
Cheers,
TK