kdc reply did not match expectations while getting initial credentials

I'm trying to setup a Redhat Enterprise version 4 server to act as a samba file server for a windows 2000 domain.  I've looked through the previous posts and think that I've got most everything done correctly.  But I still get this error when I try to run this command:
kinit administrator
password for administrator@COM2000: *****
kinit(v5): kdc reply did not match expectations while getting initial credentials

If I type in an incorrect password I get a "Preauthentication failed..." message, so I'm sure I'm talking to the right server.

I've checked the server time and the linux time and they are within 30 seconds of each other.
I think I've got all the names in uppercase where they need to be.

We have a slightly complicated setup that may be part of the confusion.  The domain realm is company.net  but the Kerberos realm is COM2000.  That is you can find the server by pinging server1.company.net but when you log in the domain is COM2000

The relevant parts of the krb5.conf file are:
[libdefaults]
 default_realm = COM2000
 dns_lookup_realm = true
 dns_lookup_kds = true

[realms]
  COM2000 = {
    kdc = SERVER1.COMPANY.NET:88
   admin_server = SERVER1.COMPANY.NET
  default_domain = COM2000
}

[domain_realm]
  .company.net = COM2000
  company.net = COM2000

I'm not sure what the next steps are to get this working.  Any ideas?
LVL 1
geekdad1Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
geekdad1Connect With a Mentor Author Commented:
Well I figured it out.  I had the domain realm and kerberos realm backwards.  When I started trying to login using COMPANY.NET everything started working.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.