Jeremy mentioned the solution above: you need to specify the user's
domain in the mapUser argument.
The following is an entry from our knowledge base on this problem:
------------------------------------------------------------------
Symptom
When using ktpass.exe on a Windows Server 2003 domain controller to
map a service principal, such as ktpass.exe -princ
wts/[EMAIL PROTECTED] -mapuser wts.server, ktpass.exe
returns the error message:
DSCrackNames returned 0x2 in the name entry for wts.server
Explanation
0x2 is the Windows NT hex code for 'not found'. ktpass has been unable
to locate the user you specified.
Causes
ktpass needs more info
You need to specify the user more fully, by prefacing the user name
with the domain name:
ktpass.exe -princ wts/[EMAIL PROTECTED] -mapuser
DOMAIN\wts.server
where DOMAIN is the NetBIOS version of the AD domain.
------------------------------------------------------------------
Thanks,
Frank.
________________________________________________
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
