Cross-realm Authentication with Windows Server 2003

[Jeffrey Hutzelman]

On Monday, March 14, 2005 04:27:12 PM -0600 "Jeremy J. Casper" 
<casper at umn.edu> wrote:

> 1. ran the command kadmin: addprinc -e des-cbc-crc:normal
> krbtgt/ad.school.edu

> Mar 14 16:10:19 kerberos.school.edu krb5kdc[15690](info): TGS_REQ (5
> etypes {23 3 1 24 -135}) 128.128.128.128(88): UNKNOWN_SERVER: authtime
> 1110838219,  user at SCHOOL.EDU for krbtgt/AD.UMN.EDU at SCHOOL.EDU, Server not
> found in Kerberos database
>
> Any ideas on why we are getting the error "Server not found in Kerberos
> database"?


Kerberos principal and realm names are case-sensitive.
krbtgt/ad.school.edu and krbtgt/AD.UMN.EDU are not the same principal.
The uppercase name is the correct one.

-- Jeffrey T. Hutzelman (N3NHS) <jhutz+ at cmu.edu>
   Sr. Research Systems Programmer
   School of Computer Science - Research Computing Facility
   Carnegie Mellon University - Pittsburgh, PA