home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
Message-ID: <5494513E.8060101@mit.edu> Date: Fri, 19 Dec 2014 11:24:30 -0500 From: Greg Hudson <ghudson@mit.edu> MIME-Version: 1.0 To: "Xie, Hugh" <hugh.xie@bankofamerica.com>, "<kerberos@mit.edu>" <Kerberos@mit.edu> In-Reply-To: <7E270C3427928E499F189C5636C52CDC45C6CF6D@smtp_mail.bankofamerica.com> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: kerberos-bounces@mit.edu On 12/18/2014 02:02 PM, Xie, Hugh wrote: > I am getting "Wrong principal in request" error on gss_accept_sec_context() on one host but does not on another. I verified /etc/hosts, both host conform to this format > > # Default /etc/hosts file > 127.0.0.1 localhost.localdomain localhost > 123.150.123.123 myhost.bankdomain.com myhost > > Are there any other causes for this error? > I am using krb5 1.11.5 Unfortunately several things can cause this error in 1.11. (In 1.13 we try harder to disambiguate.) Information which might help: * What do "hostname" and "hostname -f" say on each host? * What OS are these hosts running? * What server application are you getting the error from? If it's a custom application, what name was imported to create the verifier_cred_handle argument of gss_accept_sec_context? * Did you recently re-key one of the hosts without retaining the old keytab? (If so, run kinit again on the client to flush any old service tickets.) ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
home | help | back | first | fref | pref | prev | next | nref | lref | last | post |