Wrong principal in request error on gss_accept_sec_context()
Xie, Hugh
hugh.xie at bankofamerica.com
Sat Dec 20 21:28:33 EST 2014
No it is different computer accounts. Keytab is created using ktutil.
-----Original Message-----
From: Greg Hudson [ghudson at mit.edu<mailto:ghudson at mit.edu>]
Sent: Saturday, December 20, 2014 03:03 PM Eastern Standard Time
To: Xie, Hugh;
Subject: Re: Wrong principal in request error on gss_accept_sec_context()
On 12/19/2014 01:33 PM, Xie, Hugh wrote:
> We are using the same account on both hosts the Principal in the keytab is "myacct at COMMON.BANKOFAMERICA.COM"
> The service ticket on the clients has the principal of:
> HTTP/host1.bankofamerica.com @ COMMON.BANKOFAMERICA.COM
> HTTP/host2.site123.baml.com @ COMMON.BANKOFAMERICA.COM
I guess this is an Active Directory KDC, and you are using a single
computer account for both hosts? (That's not the usual recommended
practice, but I assume you have a reason for it.) How did you create
the keytabs for the hosts?
----------------------------------------------------------------------
This message, and any attachments, is for the intended recipient(s) only, may contain information that is privileged, confidential and/or proprietary and subject to important terms and conditions available at http://www.bankofamerica.com/emaildisclaimer. If you are not the intended recipient, please delete this message.
More information about the Kerberos
mailing list