No it is different computer accounts. Keytab is created using ktutil. -----Original Message----- From: Greg Hudson [ghud...@mit.edu<mailto:ghud...@mit.edu>] Sent: Saturday, December 20, 2014 03:03 PM Eastern Standard Time To: Xie, Hugh; Subject: Re: Wrong principal in request error on gss_accept_sec_context()
On 12/19/2014 01:33 PM, Xie, Hugh wrote: > We are using the same account on both hosts the Principal in the keytab is > "mya...@common.bankofamerica.com" > The service ticket on the clients has the principal of: > HTTP/host1.bankofamerica.com @ COMMON.BANKOFAMERICA.COM > HTTP/host2.site123.baml.com @ COMMON.BANKOFAMERICA.COM I guess this is an Active Directory KDC, and you are using a single computer account for both hosts? (That's not the usual recommended practice, but I assume you have a reason for it.) How did you create the keytabs for the hosts? ---------------------------------------------------------------------- This message, and any attachments, is for the intended recipient(s) only, may contain information that is privileged, confidential and/or proprietary and subject to important terms and conditions available at http://www.bankofamerica.com/emaildisclaimer. If you are not the intended recipient, please delete this message. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
