Bizzare problem with authenticating a service principal with AD
Jeffrey Altman
jaltman at secure-endpoints.com
Sun Mar 11 22:58:47 EDT 2007
Jason Testart wrote:
> I'm trying to get pam_krb5 working with an Active Directory domain. It
> works when I don't have a krb5.keytab file but it doesn't when I do,
> since the verification of the TGT using the service principal fails with
> an error: "Key table entry not found". The keytab file is simple as it
> only contains the "host" service principal for the Ubuntu Linux box that
> I am testing with.
What enctype is the service ticket being encrypted with?
Does that enctype exist in the keytab?
Does the kvno of the service ticket match the kvno of the entry in the
keytab?
Jeffrey Altman
Secure Endpoints Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3355 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20070311/57f2137a/attachment.bin
More information about the Kerberos
mailing list