Kerberos, Windows and FreeIPA

Randolph Morgan randym at
Fri Oct 23 14:58:26 EDT 2015

We are running a mixed environment network.  However, all of our 
authentication is performed via LDAP, we do not have an AD on our 
network, nor do we have any Windows servers, all of our servers are 
running RHEL.  We are working on implementing a new authentication 
server that is running FreeIPA, but would like to do single sign-on via 
Kerberos.  I have been reading posts for the better part of two weeks 
and can not find instructions that work, on how to get Windows (XP - 10) 
to authenticate via Kerberos.  Here is a list of some of the sites that 
I have looked at: 
(This is an older post but I was getting desperate) 

So here is the problem, when I attempt to set the Realm on the Windows 
client I receive the following error:

C:\Users\randym>ksetup /setrealm CHEM.BYU.EDU
Setting Dns Domain
Failed to set dns domain info: 0xc0000022
Failed /SetRealm : 0xc0000022

I have tried several varieties of this command, including setting the 
domain instead of the realm and always get the same result.  Can someone 
please put together a step by step process that includes both server 
side and client side for configuring Kerberos to work with Windows and 

Thank You in advance,


Randy Morgan
Department of Chemistry and Biochemistry
Brigham Young University

More information about the Kerberos mailing list