help with Active Directory Kerberos authentication
Rohit Kumar Mehta
rohitm at engr.uconn.edu
Wed Oct 11 15:42:43 EDT 2006
hostname returns nfsv4etch
pinging nfsv4etch pings 192.168.1.137. I am using VMWARE and NAT,
but am no longer using 127.0.0.1
Christopher D. Clausen wrote:
> Russ Allbery <rra at stanford.edu> wrote:
>
>>Rohit Kumar Mehta <rohitm at engr.uconn.edu> writes:
>>
>>>debug1: Miscellaneous failure
>>>No principal in keytab matches desired name.
>>>
>>>My krb5.keytab looks like this:
>>>nfsv4etch:~# ktutil
>>>ktutil: rkt /etc/krb5.keytab
>>>ktutil: l
>>>slot KVNO Principal
>>>---- ----
>>>---------------------------------------------------------------------
>>>1 4 host/nfsv4etch.engr.uconn.edu at AD.ENGR.UCONN.EDU
>>>
>>>Does that look like it's generated properly?
>>
>>I've run into this problem before (not with AD, but with MIT
>>Kerberos) and haven't been able to figure out what was causing it.
>>My theory was some sort of realm configuration mismatch, but I'm not
>>at all sure.
>
>
> What does hostname (or hostname -f) return on your computer?
>
> And then do an IP lookup on that. If it resolves to a 127.*.*.* address
> its not likely to work.
>
> <<CDC
>
>
>
More information about the Kerberos
mailing list