I have a machine with WIN 2003 server and i have installed an Active Directory service and the domain is MICA.

I added the user testkerberos to the active directory



I have another machine with windows XP in the domain of the euri





I put in the directory C:\WINDOWS\krb5.ini this:



[libdefaults]

default_realm = MICA.FR

dns_lookup_kdc = true

dns_lookup_realm = false



[realms]

MICA.FR = {

kdc = Win2003srv

# admin_server = Win2003srv

# default_domain = mica.fr

}





[logging]

# kdc = CONSOLE





I do a "kinit -5 testkerberos" on the win xp machine and the "klist -5" done :

Ticket cache: API:krb5cc

Default principal: testkerberos@MICA.FR



Valid starting Expires Service principal

04/12/07 17:06:59 04/13/07 03:06:59 krbtgt/MICA.FR@MICA.FR



It is OK.



On the win 2003 srv, I generate the krb5kt with the command:

ktpass.exe -out krb5kt -princ testkerberos/eu-000525.euri.fr@MICA.FR -pass testkerberos -mapuser testkerberos -crypto DES-CBC-CRC -ptype KRB5_NT_PRINCIPAL



And I put the krb5kt on the c:\windows on the windows XP.





When I run the command "gss-server testkerberos", the result is:

GSS-API error acquiring credentials: Miscellaneous failure

GSS-API error acquiring credentials: No principal in keytab matches desired name





When I run the command "gss-server testkerberos/eu-000525.euri.fr@MICA.FR", the result is:

GSS-API error importing name: An invalid name was supplied

GSS-API error importing name: Hostname cannot be canonicalized





I do the klist -k :

Keytab name: FILE:C:\\windows\\krb5kt

KVNO Principal

---- --------------------------------------------------------------------------

42 testkerberos/eu-000525.euri.fr@MICA.FR





Where is the mistake?





Please help me.

Thanks

________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos