logon to 2003 AD fails with "KDC reply did not match expectations"

Klavs Klavsen kl at vsen.dk
Wed Mar 2 02:33:33 EST 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

on 24-02-2005 15:56 jan.peuker at lst-deutschland.de wrote:

| First I thought you're using the wrong krb-version but it seems to
| be ok(because I'm using the same setup). I don't know if it's
| relevant but you could try my krb5.conf:

Hi Jan,

Thanks for your krb5.conf - but I ran kerbtray on the windows server
and found that the kerberos REALM actually was the dns-style name of
it in CAPS - and not the domain name the clients see (which is
appereantly only the netbios name). My bad in short :)

It all works now, I'm happy to say :)
[SNIP]
- --
Regards,
Klavs Klavsen, GSEC - kl at vsen.dk - http://www.vsen.dk
PGP: 7E063C62/2873 188C 968E 600D D8F8  B8DA 3D3A 0B79 7E06 3C62

"Those who do not understand Unix are condemned to reinvent it, poorly."
~  --Henry Spencer
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFCJWxMPToLeX4GPGIRAmh0AKCvY1L5oi50L4JmOvZKnxqSiIW6+gCdFYlK
3Oq8jMruYEqLXZpiak/wGgg=
=hBgW
-----END PGP SIGNATURE-----



More information about the Kerberos mailing list