SSPI/GSS-API : mech_dh: Invalid or unknown error
Jacques Lebastard
jacques.lebastard at evidian.com
Thu Apr 7 09:57:50 EDT 2005
Hi folks,
I wrote a SSPI Client / GSS-API Server application that works fine in a
tree of ActiveDirectory domains / Solaris realm environment where the
KDC are the AD domain controlers.
Server application is located in mytree.dom and users in child.mytree.dom.
However, I sometimes get an error for some users. These users can
establish a context from W2K workstations but cannot from WinXP
workstations (both workstations are located in child.mytree.dom).
The Solaris GSS-API server shows the following error message for
connections established on WinXP ws:
MAJOR(gss_accept_sec_context) : Unspecified GSS failure. Minor code may
provide more information
MINOR(gss_accept_sec_context) : mech_dh: Invalid or unknown error
What does 'mech_dh' mean ? Diffie-Hellman mechanism ???
What differences between Kerberos SSP W2K SP4 and WinXP SP 1 ?
Thanks for any hint,
--
Jacques
More information about the Kerberos
mailing list