Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2161
  • Last Modified:

kdc reply did not match expectations while getting initial credentials

I'm trying to setup a Redhat Enterprise version 4 server to act as a samba file server for a windows 2000 domain.  I've looked through the previous posts and think that I've got most everything done correctly.  But I still get this error when I try to run this command:
kinit administrator
password for administrator@COM2000: *****
kinit(v5): kdc reply did not match expectations while getting initial credentials

If I type in an incorrect password I get a "Preauthentication failed..." message, so I'm sure I'm talking to the right server.

I've checked the server time and the linux time and they are within 30 seconds of each other.
I think I've got all the names in uppercase where they need to be.

We have a slightly complicated setup that may be part of the confusion.  The domain realm is company.net  but the Kerberos realm is COM2000.  That is you can find the server by pinging server1.company.net but when you log in the domain is COM2000

The relevant parts of the krb5.conf file are:
[libdefaults]
 default_realm = COM2000
 dns_lookup_realm = true
 dns_lookup_kds = true

[realms]
  COM2000 = {
    kdc = SERVER1.COMPANY.NET:88
   admin_server = SERVER1.COMPANY.NET
  default_domain = COM2000
}

[domain_realm]
  .company.net = COM2000
  company.net = COM2000

I'm not sure what the next steps are to get this working.  Any ideas?
0
geekdad1
Asked:
geekdad1
1 Solution
 
geekdad1Author Commented:
Well I figured it out.  I had the domain realm and kerberos realm backwards.  When I started trying to login using COMPANY.NET everything started working.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now