Hi, I am using mit kerberos library build in HP-UX IA64 platform but not able to get credentials from keytab. Username - password case works fine.
Same method in my API to get credentials from keytab works fine in library build for other platforms( win32, linux, aix ). On debugging i found that user-pass authentication passes as it completely uses UDP. Getting credential from keytab gives KRB5KRB_ERR_RESPONSE_TOO_BIG error on UDP so it tries with TCP. But TCP connection with KDC fails leading to "Cannot contact any KDC for realm" error. I am using windows KDC here. Also tried with different HP-UX machine and different KDC. But facing same problem. When i set udp_preference_limit=1 in krb5.conf, then user-pass credential obtaining also started failing which proved that library is having problem with TCP connection. Following link which has changes in latest HP-UX Kerberos Client shows that they have somehow provided support for TCP: https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=KRB5CLIENT It Says : "Kerberos Client libraries can now use TCP to connect to KDC. This may be necessary for the libraries to communicate with Microsoft KDCs (domain controllers) if they issue tickets with excessive PAC data." I can't use libraries provided by HP. I need to use my own build. Is there any specific setting or build option that needs to be passed to enable TCP support in mit kerberos for HPUX-IA64 platform ? My configure command is as following: ./configure CC=aCC CFLAGS="-D__hpux +DD64 -D_HPUX_API_LEVEL=20040821" CPPFLAGS=+DD64 CXXFLAGS=+DD64 -- Regards, Vipul ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos