Kerberos referrals

Mark Campbell mcc171 at psu.edu
Thu Mar 17 15:20:11 EST 2005


We have a trust between and MIT K5 realm and a Windows forest.  Kerberos
referrals have been working for everything except for when trying to log
onto a Live Communication Server in a child domain.  I see the client get
referred from the MIT realm to the Root domain in the forest.  From there
the root domain returns the krb5 error principal not found.  The root
domain should refer the client to the child domain where the LCS server
resides but doesn't for some reason.  If you access a cifs share in that
same child domain you see the process refer from the MIT K 5 realm to the
root domain and then the root domain refers the client to the child domain
just like it should.  I have verified and the service principal does
exist in the child domain.  Does anyone have any idea what might cause
this?

Thanks

Mark Campbell
Systems Analyst, Applied Information Technologies
Information Technology Services
The Pennsylvania State University
mcc171 at psu.edu, 814-865-4774


More information about the Kerberos mailing list