Your SlideShare is downloading. ×
KDC reply did not match expectations while getting initial credentials
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

KDC reply did not match expectations while getting initial credentials

17,574
views

Published on

kinit: KDC reply did not match expectations while getting initial credentials while initializing krb5 authentication with AD

kinit: KDC reply did not match expectations while getting initial credentials while initializing krb5 authentication with AD

Published in: Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
17,574
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
25
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Issue: kinit: KDC reply did not match expectations while getting initial credentials while initializing krb5 authentication with AD Symptom: When trying to initialize krb5 authentication with AD, following error is seen, irrespective of whether the domain name supplied in the command is lower or upper case. [root@redhatcentos /]# kinit administrator@test.com Password for administrator@test.com: kinit: KDC reply did not match expectations while getting initial credentials Or, [root@redhatcentos /]# kinit administrator@TEST.COM kinit: Cannot find KDC for requested realm while getting initial credentials Cause: Domain name given the krb5.conf is of 'lower case'.
  • 2. Resolution: Change the Domain name to 'Upper case' as shown in the example krb5.conf below: [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = TEST.COM dns_lookup_realm = false dns_lookup_kdc = false ticket_lifetime = 24h renew_lifetime = 7d forwardable = true [realms] TEST.COM = { kdc = win2k8r2.test.com admin_server = win2k8r2.test.com }
  • 3. [domain_realm] .demo = TEST.COM demo = TEST.COM Run the kinit command again with 'domain name' as 'upper case' and verify the result. *****************success*********************** [root@redhatcentos /]# kinit administrator@TEST.COM Password for administrator@TEST.COM: [root@redhatcentos /]# *******************success*********************** ashwinwriter@gmail.com

×