Problems with windows 2003 KDC and MIT kerberos
kdkirmse
kdkirmse at psiweaver.com
Thu Jul 29 13:14:12 EDT 2004
I have been having problems with getting a keytab file on a windows
2000 client running the MIT Kerberos utilities to interface properly
with a windows 2003 KDC. I had the same client working correctly when
the KDC was a windows 2000 server.
The command "kinit rdop at INFRASTOR.US" works correctly but when I
attempt to use "kinit -k" I get the following error message
kinit(v5): Cannot find KDC for requested realm while getting initial
credentials
My krb5.ini file is as follows
[libdefaults]
ticket_lifetime = 600
default_realm = INFRASTOR.US
default_keytab_name = C:/WINNT/krb5.keytab
default_etypes = des-cbc-crc
default_etypes_des = des-cbc-crc
[realms]
INFRASTOR.US = {
kdc = 192.168.0.3
admin_server = 192.168.0.3
}
[domain_realm]
.infrastor.us = INFRASTOR.US
infrastor.us = INFRASTOR.US
"klist -k -t -K" gives the following results.
Keytab name: FILE:C:/WINNT/krb5.keytab
KVNO Timestamp Principal
---- ----------------- ----------------------------------------
3 07/28/04 17:52:06 rdop at INFRASTOR.US (0x158cefb5d56d5eab)
This problem is frustrating because I had the system working correctly
prior to upgrading the KDC to a windows 2003 machine. I need some
suggestions on where to look next.
More information about the Kerberos
mailing list