IPA krb5kdc service not starting - krb5kdc: Server error - while fetching master key
Issue
In IPA, krb5kdc
service is not starting and following errors are observed.
[root@ipaserver ~]# systemctl status krb5kdc.service
krb5kdc.service - Kerberos 5 KDC
Loaded: loaded (/usr/lib/systemd/system/krb5kdc.service; disabled)
Active: failed (Result: exit-code) since Wed 2015-06-24 17:11:47 BST; 18h ago
Process: 13002 ExecStart=/usr/sbin/krb5kdc -P /var/run/krb5kdc.pid $KRB5KDC_ARGS (code=exited, status=1/FAILURE)
Jun 24 17:11:47 ipaserver.example.com systemd[1]: Starting Kerberos 5 KDC...
Jun 24 17:11:47 ipaserver.example.com krb5kdc[13002]: krb5kdc: cannot initialize realm EXAMPLE.COM - see log file for details
Jun 24 17:11:47 ipaserver.example.com systemd[1]: krb5kdc.service: control process exited, code=exited status=1
Jun 24 17:11:47 ipaserver.example.com systemd[1]: Failed to start Kerberos 5 KDC.
Jun 24 17:11:47 ipaserver.example.com systemd[1]: Unit krb5kdc.service entered failed state.
In /var/log/krb5kdc.log
file following error is observed.
krb5kdc: Server error - while fetching master key K/M for realm EXAMPLE.COM
krb5kdc: Server error - while fetching master key K/M for realm EXAMPLE.COM
krb5kdc: Server error - while fetching master key K/M for realm EXAMPLE.COM
Environment
- Red Hat Enterprise Linux 7
- Red Hat Enterprise IdM(IPA) 4.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.