[31669] in Kerberos
Re: ktpass fails to create a service principal (win 2000 server SP4)
daemon@ATHENA.MIT.EDU (Douglas E. Engert)
Tue Nov 10 12:26:23 2009
Message-ID: <4AF9A222.8060500@anl.gov>
Date: Tue, 10 Nov 2009 11:25:54 -0600
From: "Douglas E. Engert" <deengert@anl.gov>
MIME-Version: 1.0
To: Julien Montmartin <jmontmartin@gmail.com>
In-Reply-To: <a27fd8fe0911100855g4b4fa82dk75b5770b4cc2b56c@mail.gmail.com>
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Julien Montmartin wrote:
> Hi List,
>
> I'm working on a kerberized application server and I have some trouble when
> I try to generate the keytab with ktpass... Although evrything works nicely
> for demo in the lab, it fails in real world !
>
> Here the command I use (windows 2000 server SP4) :
>
> ktpass -ptype KRB5_NT_PRINCIPAL -princ HTTP/
> myComputer.private.myCompagnie.com@PRIVATE.MYCOMPAGNIE.COM -mapuser
> testUser@private.myCompagnie.com -pass xyz -out C:\temp\keytab
-mapuser testUser
> Failed to get DN from search result: 0X80070057
> Failed to locate user "(samAccountName=testUser@private.myCompagnie.com)".
> Failed to retrieve user info for testUser@private.myCompagnie.com: 0x8ad.
> Aborted.
>
> testUser is a brand new user created for the service. Are there any traps
> when you create new users in AD ? (I'm a beginner with AD). Any idea or
> pointer to investigate this error ?
>
> Thanks,
>
> Julien
> ________________________________________________
> Kerberos mailing list Kerberos@mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
>
--
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
