MIT KDC Windows standalone interop
Brian Krings
krings at magnaspeed.net
Thu May 30 18:24:58 EDT 2002
I have an MIT KDC that I want to authenticated my Win2K workstations to.
I have followed the MS interop instructions to the best of my ability,
but I get the following error message when trying to sign onto the
external Kerberos realm. "The system could not log you on. Make sure
your User name and domain are correct, then type your password again.
Letter is passwords must be typed using the correct case. Make sure that
" unfortunately it ends there. I can check the log files on my MIT KDC
and see that an AS_REQ was received and processed followed by a TGS_REQ
for the computer that I tried to signon to which is processed as well.
However, I think the service ticket recieved back at my Win2K
workstation does not like it.
I have used the ksetup to identify my realm and kdc. As well as mapping
my MIT kerberos principal to a local user.
The output of ksetup follow:
default realm = GB.ABC.COM
GB.ABC.COM:
kdc = mach1.gb.abc.com
Mapping bill at GB.ABC.COM to frank
I have used ksetup to set the computer password to the password used
when adding the host/<machine name> principal to the KDC? Can anyone see
what I am doing incorrectly?
Thanks, Brian
More information about the Kerberos
mailing list