>>Consider using msktutil(1), it does a very good job with the Active Directory.
After creating the keytab file by using the KTPASS command, keytab file is added in BS2000 machine and connection test becomes successful for encryption types RC4_HMAC_NT, AES128-SHA1, AES256-SHA1, DES_CBC_CRC and DES_CBC_MD5. But the connection test for encryption type DES_CBC_CRC and DES_CBC_MD5 becomes successful without adding the keytab file in BS2000. can you please suggest what settings need to be done in order to perform the connection test for encryption type RC4_HMAC_NT, AES128-SHA1 and AES256-SHA1 without adding the KEYTAB file in BS2000. -- View this message in context: http://kerberos.996246.n3.nabble.com/Kerberos-failed-with-krb5krb-AP-ERR-BAD-INTEGRITY-tp46816p47081.html Sent from the Kerberos - General mailing list archive at Nabble.com. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos