error : kinit(v5) : KRB5 error code 52 while getting initial credentials

Sunil Chandrasekharan sunilsushil at gmail.com
Wed Mar 12 02:01:56 EDT 2008


Hello all,
 i am Sunil C. i have a domain named xx.com which has a KDC.
 i also have a domain co.yy where my server is. there is no KDC in it.
 users are in xx.com domain. but my servers are in (co.yy) domain.
i had set up a test scenario with a user and a server in domain
(xx.com).
since KDc was setup i got ticket and was able to authenticate well
using kerberos.
my issue is that all my production servers are in domain (co.yy) which
doesnt have a KDC.
i want to authenticate and use the server services in that domain.
setting up KDC is not feasible in both domains for me.
 now i have done some configuration in krb5.conf file on my server
(test.co.yy)
[domain_realm]
xx.com = XX.COM
.xx.com = XX.COM
co.yy = XX.COM
.co.yy = XX.COM
this shows that my domain co.yy which doesnnot have a KDC , i have
mapped it to the realm XX.COM .

 now i have some issues.
1) i tried to get a keytab from the KDC of XX.COM ( my server in
co.yy)
 > ktpass -princ HTTP/test.co.yy at XX.COM
2) i somehow managed to get a keytab . i copied into Apache folder and
executed the command.

kinit -t /usr/local/apache/test03keytab HTTP/test.co.yy at XX.COM
password: xxxx

error : kinit(v5) : KRB5 error code 52 while getting initial
credentials

 Please help me understand what is this error..
 is it some issue with domain mapping configuration in krb5.conf file?
i am using kerberos 1.2.7 version.

 Thanks in advance

 Sunil C



More information about the Kerberos mailing list