I'm implementing AD Authentication in our BO XI3.1 environment. I have done the below steps to test the kerberos.
1. Created krb5.ini file and located it in C:\Windows folder.
default_realm = DOMAIN.NET
dns_lookup_kdc = true
dns_lookup_realm = true
default_tkt_enctypes = rc4-hmac
default_tgs_enctypes = rc4-hmac
udp_preference_limit = 1
kdc = Host1.domain.net
kdc = Host2.domain.net
default_domain = DOMAIN.NET
2. I have changed the tomcat option in Start -> Tomcat -> Tomcat Configuration -> Java tab
When i tried to execute kinit command ,I was getting a error 'Could not load configuration file c:\winnit\krb5.ini'. I wondered why Java is searching krb5.ini file in c:\winit folder, when winnt folder is not at all exist and also i have clearly specified path at Tomcat Java option.
Then i created a folder 'winnt' at C:\ drive and placed the krb5.ini folder in it. Then tried to execute the kinit command and getting error 'cannot get kdc for realm DOMAIN.NET'
Please help to resolve this issue.
1. Should i do anything at Domain Controller(AD Server) to resolve the issue.
2. From which path the kinit should be run as i have kinit executable in more than folder in the Javasdk folder. One in Javasdk\bin\kinit and also in javasdk\jre\bin\kinit and another one in javasdk\jre6\bin\kinit.
3. Is that fine to use any slash '\' or '/' in tomcat java option to specify the path of krb5.ini and bscLogin.conf files?
Kindly help to get out of this issue, as i was getting it for longer time.
Also i have checked for the spaqcing in the krb5.ini file and firewall issues. Everything is correct. still getting the error