Jacques Lebastard wrote:
The Kerberos OID is specified when invoking gss_acquire_cred within=20 GSS-API server.
OK, but is the gss server able to actually acquire these creds? Usually, the server gets its credentials from a keytab file (/etc/krb5/krb5.keytab on Solaris 9).
> To make the system default to using the Kerberos mech, adjust the > lines in /etc/gss/mech file so that kerberos_v5 mechanism appears > before the mech_dh mechanisms.
Changing the entries in the mech file and restarting the GSS-API server=20 did not solve the problem. Would a server reboot make any difference ?
No, rebooting Solaris will probably not help.
What is the gssapi client requesting in it's initial token?
You might try analyzing the token that the gss-server is receiving
to make sure it is getting an initial token that requests the Kerberos
OID.
-Wyllys
________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
