Sorry, version pasted wasn't edited properly. There were some other errors which I fixed. I seem to have narrowed the problem down. kinit -k is finding the AD domain controller which created the keytab. It is, however, using the wrong principal. If I do a kinit -k ADhost.keytab
strace on the RedHat 2.4.9 system shows: ethereal protocol KRB5 AS-REQ Kerberos Version: 5 MSG Type: AS-REQ Request Options: 0000000000 Client Name: ADhost.keytab Type: Principal Name: ADhost.keytab Realm: ADDOMAIN.COM Server Name: krbtgt Type: Unknown Name: krbtgt Name: ADDOMAIN.COM Start Time: 2005-01-31 21:21:33 (Z) End Time: 2005-02-01 07:21:33 (Z) Random Number: 1107206493 Encryption Types Type: des3-cbc-sha1 Type: des-cbc-md5 Type: des-cbc-crc Addresses Type: IPv4 Value: 165.2.18.5 Kerberos Version: 5 MSG Type: KRB-ERROR stime: 2005-01-31 21:26:39 (Z) susec: 349682 Error Code: KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN realm: ADDOMAIN.COM sname: krbtgt Type: Unknown Name: krbtgt Name: ADDOMAIN.COM So it is taking the keytab file name for some reason for the principal name. I tried renaming ADhost.keytab ADhost, but now I get a segmentation fault. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
