You could try the -C and -E options to kinit:
-C canonicalize
-E client is enterprise principal name
— Luke
> On 2 Jun 2015, at 1:02 am, Nordgren, Bryce L -FS <bnordg...@fs.fed.us> wrote:
>
>> $ kinit '12001000550281\@fedidcard....@fedidcard.gov'
>
> Thanks! Making progress!
>
> It now prints a single backslash when describing the principal, both in
> errors emitted from kinit and the "listprincs" command in kadmin.local.
> However, I'm back to "client name mismatch" out of kinit, presumably because
> the MS User Principal Name in the certificate lacks the backslash.
>
> Bryce
>
>
>
>
> ________________________________________________
> Kerberos mailing list Kerberos@mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
www.lukehoward.com
soundcloud.com/lukehoward
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
