MIT Kerberos OTP with Windows

Charles Hedrick hedrick at
Fri Nov 3 09:30:27 EDT 2017

I’m using KfW 4.1. Since there’s no documentation on krb5.ini, I used the same syntax as for krb5.conf

 kdc =

I’m not using http_anchor, since we have a commercial cert, and other implementations don’t need us to specify a CA cert.

The error message says no kdc is reachable.

On Nov 2, 2017, at 7:33 PM, Benjamin Kaduk <kaduk at<mailto:kaduk at>> wrote:

On Wed, Nov 01, 2017 at 10:30:36PM +0000, Charles Hedrick wrote:

I’ll try agian. Also KfW doesn’t seem to implement kdc proxy. I’d prefer not to open my kdc to the world. I’m currrently using the Proxy for home use.

Hmm, could you say a bit more about what version of KfW you're using and
how you've tried to configure MS-KKDCP?  From the release notes, at least,
it seems that KfW 4.1 should have this support available in some form.


More information about the Kerberos mailing list