problem:Hi i want to test Keberos Interoperatability with windows and linux
Eswar S
eswars at huawei.com
Tue Jan 23 22:13:44 EST 2007
Hi all,
I have the KDC in windows 2003 server.kerberos client I am running at linux
machine. I have added on user in my AD as gssserver . same gssserver account
I am able to login from linux machine. I am getting TGT.But I am not able to
run gss-server sample application.
./gss-server test/linux.gxboss.com at GXBOSS.COM
GSS-API error acquiring credentials: Unspecified GSS failure. Minor code
may provide more information
GSS-API error acquiring credentials: No such file or directory
I wanted an environment like sspiclient (gssclient) in windows should
mutually authenticate linux gssserver using same windows KDC.
Can please help me
C:\Program Files\Resource Kit>SETSPN -A test/linux gssserver
Registering ServicePrincipalNames for CN=gssserver,CN=Users,DC=gxboss,DC=com
test/linux
Updated object
C:\Program Files\Resource Kit>Setspn.exe -L gssserver
Registered ServicePrincipalNames for CN=gssserver,CN=Users,DC=gxboss,DC=com:
test/linux
sample/linux.gxboss.com
host/linux.gxboss.com
host/linux
gssserver/gssserver
C:\ktpass>ktpass -out test.keytab -princ test/linux.gxboss.com at GXBOSS.COM
-pass infoseclab -crypto DES-CBC-CRC -ptype KRB5_NT_PRINCIPAL -kvno 9
Key created.
Output keytab to test.keytab:
Keytab version: 0x502
keysize 59 test/linux.gxboss.com at GXBOSS.COM ptype 1 (KRB5_NT_PRINCIPAL) vno
9 et
ype 0x1 (DES-CBC-CRC) keylength 8 (0xc4da9d4591a21c76)
I transferred this key tab file to Linux machine and merged with
/etc/krb5.keytab using ktutil
I am not able to execute gss-server.......... please give a solution , I am
struggling for this problem from so long time.
Thank you
Eswar S
****************************************************************************
****************************
This e-mail and attachments contain confidential information from HUAWEI,
which is intended only for the person or entity whose address is listed
above. Any use of the information contained herein in any way (including,
but not limited to, total or partial disclosure, reproduction, or
dissemination) by persons other than the intended recipient's) is
prohibited. If you receive this e-mail in error, please notify the sender by
phone or email immediately and delete it!
More information about the Kerberos
mailing list