RE: KrbException: Do not have keys of types listed in default_tkt_enctypes available

Fri, 15 May 2015 08:58:26 -0700 

[libdefaults]

default_realm = DOMAIN.COM

default_keytab_name = FILE:c:\apache-tomcat-7.0.61\conf\test.keytab

default_tkt_enctypes = rc4-hmac,aes256-cts-hmac-sha1-96,aes128-cts-hmac-sha1-96

default_tgs_enctypes = rc4-hmac,aes256-cts-hmac-sha1-96,aes128-cts-hmac-sha1-96

forwardable=true



[realms]

DOMAIN.COM= {

        kdc = domain-ad.DOMAIN.com:88

                                default_domain = DOMAIN.com

}



[domain_realm]

domain.com=DOMAIN.COM

.domain.com= DOMAIN.COM



[appdefaults]

autologin = true

forward = true

forwardable = true

encrypt = true



C:\Users\Administrator>ktpass /out c:\test.keytab /mapuser 
ssoad...@domain.com<mailto:ssoad...@domain.com>  /princ 
HTTP/windows-sso-demo.domain....@domain.com<mailto:HTTP/windows-sso-demo.domain....@domain.com>
 /pass P@ssw0rd /kvno 0





C:\Users\ssoadmin>kinit -k -t test.keytab

Exception: krb_error 0 Do not have keys of types listed in default_tkt_enctypes 
available; only have keys of following type:  No error

KrbException: Do not have keys of types listed in default_tkt_enctypes 
available ; only have keys of following type:

        at sun.security.krb5.internal.crypto.EType.getDefaults(EType.java:280)

        at sun.security.krb5.KrbAsReqBuilder.build(KrbAsReqBuilder.java:261)

        at sun.security.krb5.KrbAsReqBuilder.send(KrbAsReqBuilder.java:315)

        at sun.security.krb5.KrbAsReqBuilder.action(KrbAsReqBuilder.java:361)

        at sun.security.krb5.internal.tools.Kinit.<init>(Kinit.java:219)

        at sun.security.krb5.internal.tools.Kinit.main(Kinit.java:113)



C:\Users\ssoadmin>

Please help me

DISCLAIMER
==========
This e-mail may contain privileged and confidential information which is the 
property of Persistent Systems Ltd. It is intended only for the use of the 
individual or entity to which it is addressed. If you are not the intended 
recipient, you are not authorized to read, retain, copy, print, distribute or 
use this message. If you have received this communication in error, please 
notify the sender and delete all copies of this message. Persistent Systems 
Ltd. does not accept any liability for virus infected mails.

________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos

Reply via email to