Hallo Paul
I've read up your E-mail concerning " Kerberos error - KDC reply did not match
expectations" dated on Fri Oct 30 2009.
I've got into difficulty after configuring KRB5 on an AIX 5.3 Lpar to access
the KDC on a remote WIn2003 Rel. 2 ADS.
For this constellation, I've added same entries as you've done in the
methofs.cfg
KRB5A:
program = /usr/lib/security/KRB5A
program_64 = /usr/lib/security/KRB5A_64
options = authonly,tgt_verify=no,kadmind=no,is_kadmind_compat=no
KRB5:
program = /usr/lib/security/KRB5
options = authonly
I can so far obtain Tickets, after me authorised with kinit from Service
principal KDC on the Active Directory Server.
The following User entries have been added on to the system after I called
"mkuser registry=KRB5Afiles SYSTEM=KRB5Afiles UserXXX".
UserXXX:
admin = false
registry = KRB5Afiles
SYSTEM = "KRB5Afiles"
The /usr/lib/security KRB5 and KRN5_64 modules are O.K, but still the access
(telnet) on the IBM KRB Client using ADS user is denied
by 3004-619 Security method "KRB5Afiles" could not be loaded.
Have you an idea how to sort out the problem.
I' would be deeply grateful to you in case you could send me some tips about it.
Best regards
Vangelis
E-Mail:
[email protected]<mailto:[email protected]>
________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
