now other
resource for looking at AD/Mit KRB5.
-Original Message-
From: Greg Hudson [mailto:ghud...@mit.edu]
Sent: Thursday, January 15, 2015 11:49 PM
To: Xie, Hugh; ''
Subject: Re: Wrong principal in request error on gss_accept_sec_context()
On 01/15/2015 05:18 PM, Xie, Hu
On 01/15/2015 05:18 PM, Xie, Hugh wrote:
> I upgrade the version of krb5 lib to version 1.13. Got more specific error:
> Request ticket server HTTP/ host2.site123.baml@common.bankofamerica.com
> kvno 15 enctype rc4-hmac found in keytab but cannot decrypt ticket
>
> Any idea?
Whatever procedur
, January 15, 2015 10:38 AM
To: Greg Hudson; ''
Subject: RE: Wrong principal in request error on gss_accept_sec_context()
Kvno returns 15. I created a new entry HTTP/host2.site123.baml.com @
COMMON.BANKOFAMERICA.COM in keytab with kvno = 15. I still get the same "wrong
principal error&q
nt: Monday, January 05, 2015 9:37 PM
To: Greg Hudson; ''
Subject: RE: Wrong principal in request error on gss_accept_sec_context()
1. /efs/dist/kerberos/mit/1.11.5/exec/bin/klist -k -t $KRB5_KTNAME Keytab name:
FILE: /tmp/myacct.keytab
KVNO Timestamp
The same error still exists, did not make much
difference.
-Original Message-
From: Greg Hudson [mailto:ghud...@mit.edu]
Sent: Tuesday, January 06, 2015 1:52 PM
To: Xie, Hugh; ''
Subject: Re: Wrong principal in request error on gss_accept_sec_context()
On 01/05/2015 09:36 PM, X
--Original Message-
From: Greg Hudson [mailto:ghud...@mit.edu]
Sent: Tuesday, January 06, 2015 1:52 PM
To: Xie, Hugh; ''
Subject: Re: Wrong principal in request error on gss_accept_sec_context()
On 01/05/2015 09:36 PM, Xie, Hugh wrote:
> 1. /efs/dist/kerberos/mit/1.11.5/exec/bin/k
On 01/05/2015 09:36 PM, Xie, Hugh wrote:
> 1. /efs/dist/kerberos/mit/1.11.5/exec/bin/klist -k -t $KRB5_KTNAME
> Keytab name: FILE: /tmp/myacct.keytab
> KVNO Timestamp Principal
> ---
> --
>2 12/17/2014 15:30:08
On Mon, 5 Jan 2015, Xie, Hugh wrote:
> 3. What is the window equivalent command on windows?
There should still be a kvno.exe utility, which can be run from cmd.exe,
as "\path\to\kvno.exe
HTTP/host2.site123.baml@common.bankofamerica.com"
-Ben
K
13:36 (local)
Session Key Type: RSADSI RC4-HMAC(NT)
3. What is the window equivalent command on windows?
-Original Message-
From: Greg Hudson [mailto:ghud...@mit.edu]
Sent: Monday, January 05, 2015 5:12 PM
To: Xie, Hugh; ''
Subject: Re: Wrong principal in request error on
On 01/05/2015 04:04 PM, Xie, Hugh wrote:
> Any follow up on this issue? Do you need any more information? Should I turn
> on debugger to see where this error occurred, if yes I need some pointer
> which files to set break points.
I'm a bit confused by the information given so far, and I think so
Of
Xie, Hugh
Sent: Saturday, December 20, 2014 9:29 PM
To: 'Greg Hudson'; ''
Subject: RE: Wrong principal in request error on gss_accept_sec_context()
No it is different computer accounts. Keytab is created using ktutil.
-Original Message-
From: Greg Hudson [ghud...
No it is different computer accounts. Keytab is created using ktutil.
-Original Message-
From: Greg Hudson [ghud...@mit.edu<mailto:ghud...@mit.edu>]
Sent: Saturday, December 20, 2014 03:03 PM Eastern Standard Time
To: Xie, Hugh;
Subject: Re: Wrong principal in request er
On 12/19/2014 01:33 PM, Xie, Hugh wrote:
> We are using the same account on both hosts the Principal in the keytab is
> "mya...@common.bankofamerica.com"
> The service ticket on the clients has the principal of:
> HTTP/host1.bankofamerica.com @ COMMON.BANKOFAMERICA.COM
> HTTP/host2.site123.baml.c
@ COMMON.BANKOFAMERICA.COM
-Original Message-
From: kerberos-boun...@mit.edu [mailto:kerberos-boun...@mit.edu] On Behalf Of
Xie, Hugh
Sent: Friday, December 19, 2014 1:33 PM
To: Greg Hudson;
Subject: RE: Wrong principal in request error on gss_accept_sec_context()
We are using the same account on
Hudson [mailto:ghud...@mit.edu]
Sent: Friday, December 19, 2014 12:11 PM
To: Xie, Hugh;
Subject: Re: Wrong principal in request error on gss_accept_sec_context()
When you try to connect to the non-working server on the client, what service
ticket appears in the cache as reported by klist? How does
without retaining the old keytab?
> (If so, run kinit again on the client to flush any old service
> tickets.)
> I did this multiple times already.
>
> -----Original Message-
> From: Greg Hudson [mailto:ghud...@mit.edu]
> Sent: Friday, December 19, 2014 11:24 AM
> T
client to flush any old service
tickets.)
I did this multiple times already.
-Original Message-
From: Greg Hudson [mailto:ghud...@mit.edu]
Sent: Friday, December 19, 2014 11:24 AM
To: Xie, Hugh;
Subject: Re: Wrong principal in request error on gss_accept_sec_context()
On 12/18/2014 02:
On 12/18/2014 02:02 PM, Xie, Hugh wrote:
> I am getting "Wrong principal in request" error on gss_accept_sec_context()
> on one host but does not on another. I verified /etc/hosts, both host conform
> to this format
>
> # Default /etc/hosts file
> 127.0.0.1 localhost.localdomain localhost
18 matches
Mail list logo
