A client name with an '@'
Luke Howard
lukeh at padl.com
Tue Jun 2 17:25:24 EDT 2015
You could try the -C and -E options to kinit:
-C canonicalize
-E client is enterprise principal name
— Luke
> On 2 Jun 2015, at 1:02 am, Nordgren, Bryce L -FS <bnordgren at fs.fed.us> wrote:
>
>> $ kinit '12001000550281\@fedidcard.gov at FEDIDCARD.GOV'
>
> Thanks! Making progress!
>
> It now prints a single backslash when describing the principal, both in errors emitted from kinit and the "listprincs" command in kadmin.local. However, I'm back to "client name mismatch" out of kinit, presumably because the MS User Principal Name in the certificate lacks the backslash.
>
> Bryce
>
>
>
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
www.lukehoward.com
soundcloud.com/lukehoward
More information about the Kerberos
mailing list