help with Active Directory Kerberos authentication

Rohit Kumar Mehta rohitm at
Wed Oct 11 15:42:43 EDT 2006

hostname returns nfsv4etch

pinging nfsv4etch pings  I am using VMWARE and NAT,
but am no longer using

Christopher D. Clausen wrote:
> Russ Allbery <rra at> wrote:
>>Rohit Kumar Mehta <rohitm at> writes:
>>>debug1: Miscellaneous failure
>>>No principal in keytab matches desired name.
>>>My krb5.keytab looks like this:
>>>nfsv4etch:~# ktutil
>>>ktutil:  rkt /etc/krb5.keytab
>>>ktutil:  l
>>>slot KVNO Principal
>>>---- ----
>>>1    4 host/ at AD.ENGR.UCONN.EDU
>>>Does that look like it's generated properly?
>>I've run into this problem before (not with AD, but with MIT
>>Kerberos) and haven't been able to figure out what was causing it.
>>My theory was some sort of realm configuration mismatch, but I'm not
>>at all sure.
> What does hostname (or hostname -f) return on your computer?
> And then do an IP lookup on that.  If it resolves to a 127.*.*.* address 
> its not likely to work.
> <<CDC 

More information about the Kerberos mailing list