Establishing and verifying a trust between Unix MIT KDC and Windows Server 2003 AD

N K nkaluskar at gmail.com
Tue Aug 3 18:18:47 EDT 2010


Hi all,

I followed the steps for a cross-realm setup between the MIT KDC and AD
according to O'reilly's Definitive Guide book:

- specifying KDC's using ksetup on the participating Windows machines

- creating principals krbtgt/domain at realm and krbtgt/realm at domain in the MIT
KDC

- creating a 2 way trust in the AD

- mapping an AD user to a user in the MIT KDC

However, when I try to logon to the Kerberos realm from a Windows machine
using the credentials of the MIT KDC user, I get an error that the system
could not log me on because the username or domain is incorrect.

Has anyone come across a similar problem before?

Thanks much in advance,

Nivedita.



More information about the Kerberos mailing list