[30410] in Kerberos
Identified does not match issue
daemon@ATHENA.MIT.EDU (vssureka@gmail.com)
Tue Nov 4 00:20:46 2008
From: vssureka@gmail.com
Date: Mon, 3 Nov 2008 15:10:45 -0800 (PST)
Message-ID: <1855dd78-3e90-46fd-a9b5-12a292f225d6@b38g2000prf.googlegroups.com>
Mime-Version: 1.0
X-Complaints-To: groups-abuse@google.com
Complaints-To: groups-abuse@google.com
To: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
After struggling with this issue for almost two days now, I have run
out of issues. Here is what I get when i run kinit
C:\Program Files\Java\jdk1.5.0_16\bin>kinit -k -t c:\JBOSS.host.keytab
JBOSS
Exception: krb_error 24 Pre-authentication information was invalid
(24) Pre-auth
entication information was invalid
KrbException: Pre-authentication information was invalid (24)
at sun.security.krb5.KrbAsRep.<init>(KrbAsRep.java:66)
at sun.security.krb5.KrbAsReq.getReply(KrbAsReq.java:486)
at
sun.security.krb5.internal.tools.Kinit.sendASRequest(Kinit.java:308)
at sun.security.krb5.internal.tools.Kinit.<init>(Kinit.java:
259)
at sun.security.krb5.internal.tools.Kinit.main(Kinit.java:106)
Caused by: KrbException: Identifier doesn't match expected value (906)
at sun.security.krb5.internal.KDCRep.init(KDCRep.java:133)
at sun.security.krb5.internal.ASRep.init(ASRep.java:58)
at sun.security.krb5.internal.ASRep.<init>(ASRep.java:53)
at sun.security.krb5.KrbAsRep.<init>(KrbAsRep.java:50)
... 4 more
We have a windows 2008 server running Active Directory. I have created
a JBOSS user there and ran the SetSPN and Ktpass utlility. Also, I
have made sure that DES encryption check box is checked for the JBOSS.
Since I modified that check box few times, I have made sure that I
reset the password everytime as I read few places that it can create
issues with the encryption.
I am running the kinit on windows 2003. I have generated the key tab
file on 2003 using Ktab command. (I have also tried generating this
file in 2008 and using that file when I run the command in 2003 but of
no use)
Now I am not sure what else is going on. Iniitlally I was running into
client not found in the database. I went past that problem by making
sure that I ran the kinit utility by just passing in the user name
JBOSS rather than mydomanin\JBOSS
If you need more info I would be more than happy to provide it.
Looking for any clue to move forward.
Thanks
vs
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
