Try to set KRB5_KTNAME='/path/to/user/accessible/keytab/file/for/that/service' in your service daemon's environment. Sergei Grigoriev wrote: > What do I need to do in order to > allow a non-root user to run this daemon and successfully test incoming > service tickets via GSSAPI?