"Talwar, Puneet (NIH/NIAID)" wrote: > > > HI, > > I am having some issues creating krb5.keytab ticket on Windows 2000 server. > I have followed the direction on how to create krb5.keytab file from the > following URL below. > > http://support.microsoft.com/default.aspx?scid=kb;en-us;324144 > <http://support.microsoft.com/default.aspx?scid=kb;en-us;324144> > > > Here is the command syntax I am using to create the keytab file and the > error messages that I am getting. > > C:\>Ktpass -princ host/[EMAIL PROTECTED] > <mailto:host/[EMAIL PROTECTED]> .gov -mapuser macunis -pass password > -out macunis.keytab
Something did not print correctly above, as it has a <mailto:...> stuck in the middle. What was the real command? The mapuser here may be misleading. You need to create an account for the machine, line hostXXX where XXX is the unqalified host name and use hostXXX as the mapuser. The associates the principal name with the account. I assume that there is a user macunis, and this is not the host. > Failed to set property "servicePrincipalName" to "host/xxxxdomain.gov" on Dn The above does not look correct either. If you are going to obfuscate the names please be consistent. Double check that you have not left out a "." above. I also see the use of xx twice, as well as xxx and xxxx some of these should match. Based on your e-mail address, one of these is most likely nih. > "CN=Mac Unis,CN=Users,DC=xx,DC=xx,DC=gov". > WARNING: Unable to set SPN mapping data. > If macunis already has an SPN mapping installed for host/xxx.domain.gov, > this is no cause for concern. > Failed to retrieve user info for macunis. > Aborted. > > If someone is help me out here as to why I am getting these error messages I > would appreciate it. > > Thanks, > > Puneet > > > ---------------------------------------------------------- > Puneet Talwar > Unix Administrator > > ________________________________________________ > Kerberos mailing list [EMAIL PROTECTED] > https://mailman.mit.edu/mailman/listinfo/kerberos -- Douglas E. Engert <[EMAIL PROTECTED]> Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
