KRB5KDC_ERR_ETYPE_NOSUPP in protocol transition
Nikhil Mishra
nikhilm at gs-lab.com
Mon Jul 27 05:17:56 EDT 2009
Hi All ,
I made some changes in krb5_get_credentials to work for protocol
transition and constrained delegation .
The issues I have is following :
I am able to fetch an S4U2Self ticket.While I make a S4U2proxy request
It gives me KRB5KDC_ERR_ETYPE_NOSUPP error .
The machine setup is following :
1. Domain controller : Windows server 2003 SP2 with all updates later .
2. MIT kerberos 1.6.5 with changes for protocol transition and
constrained delegation.
I used setspn utility to create this service principal .
default-tkt-enctypes = rc4-hmac des-cbc-md5 des-hmac-sha1
I have tried other combinations like removing rc4-hmac , but nothing
works .
I have written small utilities based on MIT kerberos library to make
S4U2Self request on behalf of some other user .
Thanks
Nikhil
More information about the krbdev
mailing list