Skip to Content
0
Former Member
Oct 21, 2013 at 12:37 PM

Having trouble in kinit command

163 Views

Hi,

I'm implementing AD Authentication in our BO XI3.1 environment. I have done the below steps to test the kerberos.

1. Created krb5.ini file and located it in C:\Windows folder.

krb5.ini

[libdefaults]

default_realm = DOMAIN.NET

dns_lookup_kdc = true

dns_lookup_realm = true

default_tkt_enctypes = rc4-hmac

default_tgs_enctypes = rc4-hmac

udp_preference_limit = 1

[domain_realm]

.domain.net = DOMAIN.NET

domain.net = DOMAIN.NET

[realms]

DOMAIN.NET {

kdc = Host1.domain.net

kdc = Host2.domain.net

default_domain = DOMAIN.NET

}

2. I have changed the tomcat option in Start -> Tomcat -> Tomcat Configuration -> Java tab

Djava.security.krbr5.conf=C:\Windows\krb5.ini.

When i tried to execute kinit command ,I was getting a error 'Could not load configuration file c:\winnit\krb5.ini'. I wondered why Java is searching krb5.ini file in c:\winit folder, when winnt folder is not at all exist and also i have clearly specified path at Tomcat Java option.

Then i created a folder 'winnt' at C:\ drive and placed the krb5.ini folder in it. Then tried to execute the kinit command and getting error 'cannot get kdc for realm DOMAIN.NET'

Please help to resolve this issue.

My Queries:

1. Should i do anything at Domain Controller(AD Server) to resolve the issue.

2. From which path the kinit should be run as i have kinit executable in more than folder in the Javasdk folder. One in Javasdk\bin\kinit and also in javasdk\jre\bin\kinit and another one in javasdk\jre6\bin\kinit.

3. Is that fine to use any slash '\' or '/' in tomcat java option to specify the path of krb5.ini and bscLogin.conf files?

Kindly help to get out of this issue, as i was getting it for longer time.

Also i have checked for the spaqcing in the krb5.ini file and firewall issues. Everything is correct. still getting the error