Getting unknown server error while initializing GSS security context

Asked Nov 05 '15 at 13:25

Active Nov 05 '15 at 13:25

Viewed 680 times

Working on a cocoa OSX app, Mac bind with active directory and logged in as active-dir user.

Getting the unknown server error while initializing GSS security context: with a PrincipalName provided by the server.

gss_init_sec_context
major: unknown routine error
minor: Server (krbtgt/LOCAL@XYZ.LOCAL)unknown while looking up 'WIN-    ****$/xyz.local@LOCAL' (cached   result, timeout in 167 sec)

Klist -5 displays these on terminal:

Credentials cache: API:DD4CC511-7BE2-4267-9923-6C8ABCD9297D
    Principal: user@XYZ.LOCAL

Issued                Expires               Principal
Nov  5 17:21:23 2015  Nov  6 03:21:23 2015     krbtgt/XYZ.LOCAL@XYZ.LOCAL

Because off this error, I changed ker5.conf file like this:

[libdefaults]
  default_realm = XYZ.LOCAL
  renewable = true
  forwardable= true
  ticket_lifetime = 20d
  renew_lifetime = 1d
  default_tgs_enctypes = aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha1-96,  des3-cbc-sha1, arcfour-hmac-md5
  default_tkt_enctypes = aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha1-96, des3-cbc-sha1, arcfour-hmac-md5


[domain_realm]
 xyz.com = XYZ.LOCAL
.xyz.com = XYZ.LOCAL

asked Nov 05 '15 at 13:25

dips

Does your implementation support `KRB5_TRACE`? – Michael-O Nov 05 '15 at 14:40
Can you please tell me- How to enable that on OSX client for active-directory? – dips Nov 05 '15 at 18:08
This is a standard MIT Kerberos environment variable. – Michael-O Nov 06 '15 at 08:44

Getting unknown server error while initializing GSS security context

0 Answers0