On 12/18/2014 02:02 PM, Xie, Hugh wrote: > I am getting "Wrong principal in request" error on gss_accept_sec_context() > on one host but does not on another. I verified /etc/hosts, both host conform > to this format > > # Default /etc/hosts file > 127.0.0.1 localhost.localdomain localhost > 123.150.123.123 myhost.bankdomain.com myhost > > Are there any other causes for this error? > I am using krb5 1.11.5
Unfortunately several things can cause this error in 1.11. (In 1.13 we try harder to disambiguate.) Information which might help: * What do "hostname" and "hostname -f" say on each host? * What OS are these hosts running? * What server application are you getting the error from? If it's a custom application, what name was imported to create the verifier_cred_handle argument of gss_accept_sec_context? * Did you recently re-key one of the hosts without retaining the old keytab? (If so, run kinit again on the client to flush any old service tickets.) ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos