kinit: Key table entry not found while getting initial credentials

scoco sandro.coco at gmail.com
Tue Oct 31 09:20:30 EST 2006


Hi Kerberos experts,

could anyone help me in addressing this issue since I am a T-O-T-A-L
newbie in Kerberos.

I have to retrieve kerberos credential in Solaris 5.8 (SEAM 1.0.1)
using a windows2003 Active Directory as KDC, and I am compelled to use
the credential of a user different from Solaris' user.

Let's say I work with user appadm on Solaris and user
domuser at resource.corp in AD.

AD administrator generated a keytab for my Solaris user in this way:

Ktpass -princ kerberos/domuser.resource.corp at RESOURCE.CORP -mapuser
domuser -pass [passwd of domuser] -out domuser.keytab

and gave me the domuser.keytab file.

I configured krb5.conf and stored the content of this keytab file in
/etc/krb5/krb5.keytab via ktutil:

ktutil:  rkt domuser.keytab
ktutil:  l
slot KVNO Principal
---- ----
--------------------------------------------------------------------------
   1    4 kerberos/domuser.resource.corp at RESOURCE.CORP
ktutil:  wkt /etc/krb5/krb5.keytab
ktutil:  q

Now I think my krb5.conf is correct since I am able to get a TGT via
kinit in this way:
kinit kerberos/domuser.resource.corp at RESOURCE.CORP
then I enter domuser's password and with klist I can see the TGT.
But I need to obtain the credentials without entering a password since
the kinit command has to be put in the startup script of an
application. So I tried this:

appadm 99% kinit -k kerberos/domuser.resource.corp at RESOURCE.CORP
kinit: Key table entry not found while getting initial credentials

:-S ...nothing useful found till now to explain this... what's wrong?
Any help appreciated.
Thanks in advance! :D
Sandro




More information about the Kerberos mailing list