Status 0x96c73ac3 - No credentials cache found

Edward Murrell edward at murrell.co.nz
Tue Aug 18 17:05:25 EDT 2009 

You will need to specify the principle you wish to use when running
kinit. This is because keytabs can contain multiple principles.

ie;
kinit -kt /etc/krb5/krb5.keytab host/uk0108.bxc.com at BXC.COM

Hope this helps!
Cheers,
Edward

On Tue, 2009-08-18 at 13:04 -0700, dxtans wrote:
> Hello,
> I have installed kerberos v5 on aix, the principle account has been
> created Ok on the AD server.
> But when I try and run kinit on the unix side I get:
> 
> 
> ktutil:  rkt /etc/krb5/uk0108.keytab
> ktutil:  list
> slot   KVNO   Principal
> ------ ------ ------------------------------------------------------
>      1      5   host/uk0108.bxc.com at BXC.COM
> ktutil:  wkt /etc/krb5/krb5.keytab
> ktutil:  quit
> 
> kinit  -kt /etc/krb5/krb5.keytab
> Unable to obtain initial credentials.
>         Status 0x96c73ab5 - Key table entry not found.
> 
> Now I have googled this error, I can confirm, that I can resolv
> correctly both forward and reverse lookups usng dig and host for the
> fqdn. That the config file is correct with the domain name.
> 
> I have used tcpdump on the inteface and althought I see connections to
> port 88 on the AD side, there is nothing being passed.
> I am running this as root. Should I create the principle account
> (uk0108) also on the unix side and run the above commands as that use?
> 
> Does anybody have any other avenues I can investigate.
> 
> 
> My conf file is:
> 
> [libdefaults]
>         default_realm = BXC.COM
>         dns_lookup_realm = false
>         dns_lookup_kdc = false
>         default_keytab_name = FILE:/etc/krb5/krb5.keytab
>         default_tkt_enctypes = des-cbc-md5
>         default_tgs_enctypes = des-cbc-md5
> 
> 
> [realms]
>         BXC.COM = {
>                 kdc = ukad01.bxc.com:88
>                 admin_server = uk0108.bxc.com:749
>                 default_domain = bxc.com
>         }
> 
> [domain_realm]
>         .bxc.com = BXC.COM
>         uk0108.bxc.com = BXC.COM
> [logging]
>         kdc = FILE:/var/krb5/log/krb5kdc.log
>         admin_server = FILE:/var/krb5/log/kadmin.log
>         default = FILE:/var/krb5/log/krb5lib.log
> 
> 
> 
> 
> 
> thanks
> dxtans
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos

More information about the Kerberos mailing list