Cannot resolve network address for KDC in requested realm!

[M.Kondrin]

Amir Saad wrote:

> 
>thanks for ur reply, i still have the same problem
> 
>here is the commands i use on the client side:
>**********************************************************************************************************
>kinit host/machine.mydomain.org  (i used klist to list tickets and i found one for the host/machine.mydomain.org)
>./sample-client -s host -n mydomain.org -m GSSAPI
>lt-sample-client: SASL Other: GSSAPI Error: Miscellaneous failure (Cannot resolve network address for KDC in requested realm)
>error was SASL(-1): generic failure: GSSAPI Error: Miscellaneous failure (Cannot resolve network address for KDC in requested realm)
>lt-sample-client: Starting SASL negotiation: generic failure
>**********************************************************************************************************
>
>here is the conf file on the client machine:
>**********************************************************************************************************
># Begin /etc/heimdal/krb5.conf
>[libdefaults]
>    default_realm = MYDOMAIN.ORG
>[realms]
>    MYDOMAIN.ORG= {
>        kdc = mydomain.org
>        admin_server = mydomain.org
>        kpasswd_server = mydomain.org
>    }
>[domain_realm]
>    .mydomain.org= MYDOMAIN.ORG
>[logging]
>    kdc = FILE:/var/log/kdc.log
>    admin_server = FILE:/var/log/kadmin.log
>    default = FILE:/var/log/krb.log
># End /etc/heimdal/krb5.conf
>  
>
I do not quite understand your setup (the domain name is the same as the 
KDC machine name? Which host kinit then connects to? ). The -n switch in 
sample-client is the fully-qualified name of the host where 
sample-server  is running (in your case this is the KDC machine, isn't 
it?).   The error youi got is  reported when one specifies only domain 
name not the host-name as -n option.
M.Kondrin