[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Preauthentication failed
On Tue, 22 May 2007 21:03:35 +0100
"Markus Moeller" <email@example.com> wrote:
> you may have hit a bug in ktpass on 2003. If I understand your command
> right you are using a computer account BSDflohKerberos$ and not a user
> account. If I remember right the salt is not build out of the service HTTP
> but uses host instead. This happen only for computer accounts. Can you try
> to map to a user account.
Marcus is right. DES with computer accounts has problems last I checked. I
strongly recommend using a regular User account and RC4.
> ----- Original Message -----
> From: "Florian Erfurth" <firstname.lastname@example.org>
> To: <email@example.com>
> Sent: Tuesday, May 22, 2007 5:13 PM
> Subject: Re: Preauthentication failed
> > Hi Michael,
> > thank you for your quick response!
> > Michael B Allen wrote:
> >>> > [SNIP]
> >> Looks like the key is wrong. Re-run ktpass.exe and copy the keytab file
> >> over again.
> > I did that, what you did suggest. I get still the same error. :( Did I
> > entered the right:
> > C:\>ktpass -princ HTTP/BSDfloh.domain.tld@DOMAIN.TLD -mapuser
> > domain\BSDflohKerberos$ -crypto DES-CBC-MD5 -pass longlongpassword -out c
> > \temp\BSDflohkeytab
> > Question: Which password should I use for '-pass'? Do I create a new
> > password with this command or should I use *which* password?
> >> Mike
> > Floh
Michael B Allen
PHP Active Directory Kerberos SSO