Link to home
Start Free TrialLog in
Avatar of Doug Poulin
Doug PoulinFlag for Canada

asked on

kdc reply did not match expectations while getting initial credentials

I'm trying to setup a Redhat Enterprise version 4 server to act as a samba file server for a windows 2000 domain.  I've looked through the previous posts and think that I've got most everything done correctly.  But I still get this error when I try to run this command:
kinit administrator
password for administrator@COM2000: *****
kinit(v5): kdc reply did not match expectations while getting initial credentials

If I type in an incorrect password I get a "Preauthentication failed..." message, so I'm sure I'm talking to the right server.

I've checked the server time and the linux time and they are within 30 seconds of each other.
I think I've got all the names in uppercase where they need to be.

We have a slightly complicated setup that may be part of the confusion.  The domain realm is company.net  but the Kerberos realm is COM2000.  That is you can find the server by pinging server1.company.net but when you log in the domain is COM2000

The relevant parts of the krb5.conf file are:
[libdefaults]
 default_realm = COM2000
 dns_lookup_realm = true
 dns_lookup_kds = true

[realms]
  COM2000 = {
    kdc = SERVER1.COMPANY.NET:88
   admin_server = SERVER1.COMPANY.NET
  default_domain = COM2000
}

[domain_realm]
  .company.net = COM2000
  company.net = COM2000

I'm not sure what the next steps are to get this working.  Any ideas?
ASKER CERTIFIED SOLUTION
Avatar of Doug Poulin
Doug Poulin
Flag of Canada image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial