Windows 2003 KDC: Problem mit ktpass

Frank Taylor FrankSTaylor at
Thu Sep 2 11:36:07 EDT 2004

Jeremy mentioned the solution above: you need to specify the user's
domain in the mapUser argument.

The following is an entry from our knowledge base on this problem:



When using ktpass.exe on a Windows Server 2003 domain controller to
map a service principal, such as ktpass.exe -princ
wts/ at DOMAIN.INT -mapuser wts.server, ktpass.exe
returns the error message:

DSCrackNames returned 0x2 in the name entry for wts.server


0x2 is the Windows NT hex code for 'not found'. ktpass has been unable
to locate the user you specified.


ktpass needs more info

You need to specify the user more fully, by prefacing the user name
with the domain name:

    ktpass.exe -princ wts/ at DOMAIN.INT -mapuser

where DOMAIN is the NetBIOS version of the AD domain.




More information about the Kerberos mailing list