Kerberos ticket SSO.tab issues
Hello! I'm trying to create a kerberos ticket on my DC that is going to my Portal (SS0 server. However, I can't get it set up correctly. Please see following commands from ssoserver.
C:\>ktpass -princ HTTP/jaa-app03.jaa.aero@JAA.AERO -mapuser jaa-app03 -crypto DE
S-CBC-MD5 -ptype KRB5_NT_PRINCIPAL -mapop set +desonly -pass Password1 -out sso.k
eytab
Targeting domain controller: jaa-svc02.jaa.aero
Successfully mapped HTTP/jaa-app03.jaa.aero to jaa-app03.
Key created.
Output keytab to sso.keytab:
Keytab version: 0x502
keysize 59 HTTP/jaa-app03.jaa.aero@JAA.AERO ptype 1 (KRB5_NT_PRINCIPAL) vno 24 e
type 0x3 (DES-CBC-MD5) keylength 8 (0x67d64fe3a808c8fb)
Account jaa-app03 has been set for DES-only encryption.
KINIT Results:
C:\OraHome_1\jdk\bin>kinit -k -t $ORACLE_HOME/j2ee/OC4J_SECURITY/config/sso.keyt
ab HTTP/jaa-app03.jaa.aero
Exception: krb_error 0 Cannot retrieve key from keytab for principal HTTP/jaa-ap
p03.jaa.aero@JAA.AERO No error
KrbException: Cannot retrieve key from keytab for principal HTTP/jaa-app03.jaa.a
ero@JAA.AERO
at sun.security.krb5.internal.tools.Kinit.<init>(DashoA12275:199)
at sun.security.krb5.internal.tools.Kinit.main(DashoA12275:109)
C:\OraHome_1\jdk\bin>kinit HTTP/jaa-app03.jaa.aero
Password for
HTTP/jaa-app03.jaa.aero@JAA.AERO:Password
New ticket is stored in cache file C:\Documents and Settings\root66\krb5cc_root6
6
KLIST Results:
C:\OraHome_1\jdk\bin>klist -e -k c:\orahome_1\j2ee\OC4J_SECURITY\config\sso.keyt
ab
Key tab: c:\orahome_1\j2ee\OC4J_SECURITY\config\sso.keytab, 1 entry found.
[1] Service principal: HTTP/jaa-app03.jaa.aero@JAA.AERO
KVNO: 24
Key type: 3
C:\OraHome_1\jdk\bin>
August 12th, 2011 5:29am
It
seems you use Java version kinit. Does the version of Java supports all of the key types included in the keytab file?
Free Windows Admin Tool Kit Click here and download it now
August 16th, 2011 6:25pm
This topic is archived. No further replies will be accepted.
Other recent topics
