Kerberos error authenticating from Unix to Windows AD
Jeffrey Altman
jaltman2 at nyc.rr.com
Thu Feb 19 10:19:37 EST 2004
Do you have a host key for the Windows workstation?
Does the Windows workstation know the name you have used for its host key?
Is the host key restricted to use an enctype of DES-CBC-CRC?
Did you create the host key with a password and not a random key?
Did you install the password into the Workstation using KSETUP?
Jeffrey Altman
Tyson Oswald wrote:
> Hello all,
>
> I read the white paper on the MS site
> (http://www.microsoft.com/windows2000/techinfo/planning/security/kerbsteps.asp)
> to setup AD authentication on Unix. It is based on MIT KDC, but I am
> using SEAM. Since SEAM is based on MIT, I assumed it would work. I
> am using SEAM 1.0.1 on SPARC Solaris 8. I followed the instructions
> in the white paper, and according to the event log on our PDC the user
> authenticates successfully. But, the Service Ticket is failing
> authentication. I am troubled as to why. The event id I am getting
> in the event log is 677. The failure code is 0x0d (bad option) and
> the ticket option is 0x02. According the the RFC 0x02 menas FORWARDED.
>
> Has anyone run into this error or know what is wrong?
>
> thank you,
>
> Tyson Oswald
More information about the Kerberos
mailing list