Dear All, The problem was definitely related to the bug with SP1, as after applying the hotfix and specifying +DesOnly when running ktpass, kinit -kt works fine.
Thank you all for your time and the information, John -----Original Message----- From: Javier Palacios [mailto:[email protected]] Sent: 08 April 2009 18:18 To: John Hefferman Cc: [email protected] Subject: Re: Aqcuiring a TGT for a host/ principal using Active Directory On Wed, Apr 8, 2009 at 11:52 AM, John Hefferman <[email protected]> wrote: > The problem I am experiencing, is that I can't seem to 'kinit -k' using > an spn of an instance type such as host/ when using an AD domain > controller. > > The procedure is as follows: > - I create a new account in active directory, such as 'computerA' > - I run ktpass (or msktutil) to associate a host/ principal name with > this account (host/computera.f...@realm) and create a keytab You can try to install samba at the unix server, configure for kerberos security and join it to the domain, an also try with css_adkadmin. Javier Palacios ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
