Wrong principal in request error on gss_accept_sec_context()
Greg Hudson
ghudson at mit.edu
Thu Jan 15 23:49:20 EST 2015
On 01/15/2015 05:18 PM, Xie, Hugh wrote:
> I upgrade the version of krb5 lib to version 1.13. Got more specific error:
> Request ticket server HTTP/ host2.site123.baml.com at COMMON.BANKOFAMERICA.COM kvno 15 enctype rc4-hmac found in keytab but cannot decrypt ticket
>
> Any idea?
Whatever procedure you are using to generate the keytab entry is not
generating the same key as the one present on the KDC.
I am not personally very familiar with creating keytabs for use with
Active Directory KDCs, but I know a lot of people use msktutil for that
purpose, rather than ktutil.
More information about the Kerberos
mailing list