Windows Server 2016 - KDC has no support for encryption type while getting initial credentials
Silambarasan Madhappan
silambarasan19 at gmail.com
Thu Nov 8 06:25:05 EST 2018
Hi,
I am new to Kerberos. I am not able to obtain Kerberos
ticket-granting tickets with strong encryption types from "Windows
Server 2016 AD"
My client kerberos configuration as below
========================
$ cat /etc/krb5.conf
[libdefaults]
default_realm = CIFS.COM
default_tkt_enctypes = AES256-CTS-HMAC-SHA1-96 AES128-CTS-HMAC-SHA1-96
default_tgs_enctypes = AES256-CTS-HMAC-SHA1-96 AES128-CTS-HMAC-SHA1-96
preferred_enctypes = AES256-CTS-HMAC-SHA1-96 AES128-CTS-HMAC-SHA1-96
ccache_type = 2
[realms]
CIFS.COM = {
kdc = WIN.cifs.com:88
}
[domain_realm]
.cifs.com = CIFS.COM
[logging]
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmin.log
default = FILE:/var/log/krb5lib.log
[bash4.2]$
Issue :
=====
$ kinit Administrator
kinit(v5): KDC has no support for encryption type while getting
initial credentials
$
Please let me know where can I find the kdc configuration types in
Active Directory (Windows Server 2016) ?
Do I have to change any configuration on Kerberos Client or Server ?
Please help me on this.
Thanks,
Silambarasan M
More information about the Kerberos
mailing list