Problem in running gss.exe of kfw 2.6 using MSLSA cache and using Active Directory as kdc

Vikas Gandhi vgandhi at quark.co.in
Mon Apr 5 02:40:54 EDT 2004 

C:\>klist tgt

Cached TGT:

ServiceName: krbtgt
TargetName: krbtgt
FullServiceName: mittest
DomainName: QDMS.CO.IN
TargetDomainName: QDMS.CO.IN
AltTargetDomainName: QDMS.CO.IN
TicketFlags: 0x40e00000
KeyExpirationTime: 1/1/1601 5:30:00
StartTime: 4/5/2004 9:28:09
EndTime: 4/5/2004 19:28:09
RenewUntil: 4/12/2004 9:28:09
TimeSkew: 1/1/1601 5:30:00



C:\>C:\OSBA\kfw-2.6-final\src\target\bin\i386\dbg\klist.exe -c MSLSA:
klist.exe: No credentials cache found while resolving ccache MSLSA:

I tried this by running the samples from Administrator but the same
results.
Jeffrey, U r very right when u say that If I don't have credentials
then I can't use gss. But why I am not able to pick up my credentials
FYI: I am giving a small check list of registry and env variables.
#1 
C:\>echo %KRB5CCNAME%
	MSLSA:
C:\ >echo %KRB5_KTNAME%
.\\krb5kt
#2
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters
    AllowTGTSessionKey = 0x01 (DWORD)
#3 krb5.ini located in c:\windows says
[domain_realm]
	.QDMS.CO.IN = QDMS.CO.IN
	QDMS.CO.IN = QDMS.CO.IN
[libdefaults]	
	dns_lookup_kdc = true
	default_realm = QDMS.CO.IN
	default_keytab_name = .\\krb5kt	
	default_tgs_enctypes = DES-CBC-CRC
	default_tkt_enctypes = DES-CBC-CRC
	ticket_lifetime = 600
[realms]
	QDMS.CO.IN = {
		admin_server = beetle	
		kdc = beetle.qdms.co.in:88
	}

Is there anything missing in the checklist ???

Regards
Vikas
Jeffrey Altman <jaltman2 at nyc.rr.com> wrote in message news:<4070529D.3010301 at nyc.rr.com>...
> Vikas Gandhi wrote:
> 
> > Now I reversed the entry 
> >    HKLM\Software\MIT\Kerberos5\
> >       PreserveInitialTicketIdentity = 0x0 (DWORD)
> >    HKCU\Software\MIT\Kerberos5\
> >       PreserveInitialTicketIdentity = 0x0 (DWORD)
> > and introduced new entry  
> > HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters
> >     AllowTGTSessionKey = 0x01 (DWORD)
> > Still the resulta are the sane
> > 
> > Regards
> > Vikas
> 
> What does "klist.exe -C" report?

More information about the Kerberos mailing list