Query, Need help gssapi-client tool - Can't find client principal
Santosh Kumar
santoshjeergi at gmail.com
Tue Dec 4 06:21:44 EST 2018
Dear all,
I'm struggling to use gss_acquire_cred, it's not able to find the
principal , from the kerberos FILE:/tmp/krb cache.
I'm looking at gss-client tool, for validating:
gss-client -port 443 -user leema at PULSEBLR.COM -ccount 1 -mcount 1
CASMPS127.PULSEBLR.COM at PULSEBLR.COM http test
Facing:
GSS-API error acquiring creds: Unspecified GSS failure. Minor code may
provide more information
GSS-API error acquiring creds: Can't find client principal
leema at PULSEBLR.COM in cache collection
Below is the cache:
[admin at pxe-dev kinit]$ ../klist/klist
Ticket cache: FILE:/tmp/krb5cc_1000
Default principal: host/PXE-DEV.PULSEBLR.COM at PULSEBLR.COM
Valid starting Expires Service principal
12/04/2018 10:48:04 12/04/2018 20:48:04 krbtgt/PULSEBLR.COM at PULSEBLR.COM
renew until 12/11/2018 10:48:04
12/04/2018 10:48:07 12/04/2018 20:48:04 host/
PXE-DEV.PULSEBLR.COM at PULSEBLR.COM
for client leema\@PULSEBLR.COM at PULSEBLR.COM, renew until 12/11/2018
10:48:04
12/04/2018 10:48:07 12/04/2018 20:48:04 http/
CASMPS127.PULSEBLR.COM at PULSEBLR.COM
for client leema\@PULSEBLR.COM at PULSEBLR.COM, renew until 12/11/2018
10:48:04
More information about the Kerberos
mailing list