Service principals
David A. Resler
resler at ohio.edu
Mon Jun 10 12:01:32 EDT 2002
I'm looking for documentation/information on service principals and what
goes on behind the scenes.
I'm attempting to use K5 authentication with CorporateTime. Our K5 is part
of a DCE installation.
I've generated a principal with a primary name of "uniengd" and am using
the fully qualified domain name of the CT server as the instance.
When my CT client makes a "TGS-REQ" request, I receive back a "KRB-ERROR"
packet with the error code "KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN". The packet
also contains "Server not found in Kerberos database (dce / krb)".
The service principal looks OK, i.e., the dcecp command "principal show
uniengd/{CT hostname}" looks OK.
Any ideas?
-----------------------------------------------------------------
David A. Resler E-mail: resler at ohio.edu
Senior Network Engineer
Communication Network Services, Ohio University
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 231 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20020610/9e3ea9be/attachment.bin
More information about the Kerberos
mailing list