[36685] in Kerberos
Re: Wrong principal in request error on gss_accept_sec_context()
daemon@ATHENA.MIT.EDU (Greg Hudson)
Sat Dec 20 15:04:13 2014
Message-ID: <5495D627.2060607@mit.edu>
Date: Sat, 20 Dec 2014 15:03:51 -0500
From: Greg Hudson <ghudson@mit.edu>
MIME-Version: 1.0
To: "Xie, Hugh" <hugh.xie@bankofamerica.com>,
"<kerberos@mit.edu>" <Kerberos@mit.edu>
In-Reply-To: <7E270C3427928E499F189C5636C52CDC45C6DDE1@smtp_mail.bankofamerica.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On 12/19/2014 01:33 PM, Xie, Hugh wrote:
> We are using the same account on both hosts the Principal in the keytab is "myacct@COMMON.BANKOFAMERICA.COM"
> The service ticket on the clients has the principal of:
> HTTP/host1.bankofamerica.com @ COMMON.BANKOFAMERICA.COM
> HTTP/host2.site123.baml.com @ COMMON.BANKOFAMERICA.COM
I guess this is an Active Directory KDC, and you are using a single
computer account for both hosts? (That's not the usual recommended
practice, but I assume you have a reason for it.) How did you create
the keytabs for the hosts?
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
