[EMAIL PROTECTED] wrote:
Sorry, version pasted wasn't edited properly. There were some other errors which I fixed. I seem to have narrowed the problem down. kinit -k is finding the AD domain controller which created the keytab. It is, however, using the wrong principal. If I do a kinit -k ADhost.keytab
You need the -t option:
kinit -k -t ADhost.keytab
strace on the RedHat 2.4.9 system shows:
ethereal protocol KRB5 AS-REQ Kerberos Version: 5 MSG Type: AS-REQ Request Options: 0000000000 Client Name: ADhost.keytab Type: Principal Name: ADhost.keytab Realm: ADDOMAIN.COM Server Name: krbtgt Type: Unknown Name: krbtgt Name: ADDOMAIN.COM Start Time: 2005-01-31 21:21:33 (Z) End Time: 2005-02-01 07:21:33 (Z) Random Number: 1107206493 Encryption Types Type: des3-cbc-sha1 Type: des-cbc-md5 Type: des-cbc-crc Addresses Type: IPv4 Value: 165.2.18.5
Kerberos Version: 5 MSG Type: KRB-ERROR stime: 2005-01-31 21:26:39 (Z) susec: 349682 Error Code: KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN realm: ADDOMAIN.COM sname: krbtgt Type: Unknown Name: krbtgt Name: ADDOMAIN.COM
So it is taking the keytab file name for some reason for the principal name. I tried renaming ADhost.keytab ADhost, but now I get a segmentation fault.
________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]> Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
