[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Heimdal kerberos newbie problem with win2k workstation

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Heimdal kerberos newbie problem with win2k workstation
From: Didier Wiroth <didier_(_dot_)_wiroth_(_at_)_mcesr_(_dot_)_etat_(_dot_)_lu>
Date: Thu, 10 Feb 2005 11:06:01 +0100
Thread-index: AcUPWB+dPBqo6TJIS4yAvTGb426ZCw==

Hi,
At first, sorry for the long post!

I have setup a heimdal kdc. The kdc seems to work correctly as I can
connect to it locally.

I have created an account which looks like this:
-----
kadmin> list -l dda/admin
               Principal: dda/admin_(_at_)_TEST_(_dot_)_LU
       Principal expires: never
        Password expires: never
    Last password change: never
         Max ticket life: 1 day
      Max renewable life: 1 week
                    Kvno: 1
                   Mkvno: 0
                  Policy: none
   Last successful login: never
       Last failed login: never
      Failed login count: 0
           Last modified: 2005-02-10 08:54:58 UTC
                Modifier: kadmin/admin_(_at_)_TEST_(_dot_)_LU
              Attributes:
Keytypes(salttype[(salt-value)]): des3-cbc-sha1(pw-salt),
des-cbc-md5(pw-salt), des-cbc-md4(pw-salt), de
s-cbc-crc(pw-salt)

I've also created a host principal called vmware:
kadmin> list -l vmware/TEST.LU
               Principal: vmware/TEST_(_dot_)_LU_(_at_)_TEST_(_dot_)_LU
       Principal expires: never
        Password expires: never
    Last password change: never
         Max ticket life: 1 day
      Max renewable life: 1 week
                    Kvno: 1
                   Mkvno: 0
                  Policy: none
   Last successful login: never
       Last failed login: never
      Failed login count: 0
           Last modified: 2005-02-10 09:16:40 UTC
                Modifier: kadmin/admin_(_at_)_TEST_(_dot_)_LU
              Attributes:
Keytypes(salttype[(salt-value)]): des3-cbc-sha1(pw-salt),
des-cbc-md5(pw-salt), des-cbc-md4(pw-salt), des-cbc-crc(pw-salt)

I've setup a vmware windows2000 guest os. I've setup windows 2000 to use
the openbsd heimdal kdc with ksetup.exe, following the following
procedures:
http://www.pdc.kth.se/heimdal/heimdal.html#Configuring%20Windows%202000%
20to%20use%20a%20Heimdal%20KDC

When I try to log on from the winodws 2000 workstation with the kerberos
credentials. I get the following errors:
2005-02-10T10:40:04 UNKNOWN -- dda_(_at_)_TEST_(_dot_)_LU: No such entry in the
database
2005-02-10T10:40:04 AS-REQ dda_(_at_)_TEST_(_dot_)_LU from IPv4:10.0.0.181 for
krbtgt/TEST_(_dot_)_LU_(_at_)_TEST_(_dot_)_LU
2005-02-10T10:40:04 UNKNOWN -- dda_(_at_)_TEST_(_dot_)_LU: No such entry in the
database

Verifying the account exists (yes, 3rd and 9th entry):
kadmin> list *
  default_(_at_)_TEST_(_dot_)_LU
  password_(_at_)_TEST_(_dot_)_LU
  dda/admin_(_at_)_TEST_(_dot_)_LU
  kadmin/admin_(_at_)_TEST_(_dot_)_LU
  kadmin/hprop_(_at_)_TEST_(_dot_)_LU
  kadmin/changepw_(_at_)_TEST_(_dot_)_LU
  changepw/kerberos_(_at_)_TEST_(_dot_)_LU
  krbtgt/TEST_(_dot_)_LU_(_at_)_TEST_(_dot_)_LU
  vmware/TEST_(_dot_)_LU_(_at_)_TEST_(_dot_)_LU

Can someone tell me what could be the problem?

Many thx
Didier

Follow-Ups:
- Kernel pppoe client on SGI
  - From: Johan Hattne

Prev by Date: Re: FORCE_SSL_PROMPT in lynx
Next by Date: Re: Correctness? To a newcomer, it doesn't seem that way.
Previous by thread: Re: OpenBSD as SDSL router replacement?
Next by thread: Kernel pppoe client on SGI
Index(es):
- Date
- Thread

Visit your host, monkey.org