Markus Moeller wrote: > > mismatch. What do you get when using the 2003 clients ? > > Markus, you are great! That was indeed the cause of the problem. Thank > you ever so much. > > I have created an identical key with kvno=3 in the squid keytab, and > now it's working. To hell with the Windows admin and his bogus kvno.
On a more practical note, the Windows command to extract the squid keytab from the AD was ktpass -princ HTTP/proxy2.sibptus...@stn.tn.corp -mapuser squiduser +rndPass -out squid.keytab -ptype KRB5_NT_PRINCIPAL /target x.x.x.x -kvno 1 -crypto All probably the "-kvno 1" is to blame. If anyone is experienced with the Microsoft Kerberos implementation, is this a correct command? Is it necessary to explicitly specify the kvno? The Squid Wiki recommends msktutil instead of ktpass.exe though. -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN sip:suda...@sibptus.tomsk.ru _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
