2

I am trying to connect to SQL-Server usingJavaKerberos. My Jaas conf file looks like this :

SQLJDBCDriver {
    com.sun.security.auth.module.Krb5LoginModule required
    useTicketCache=true
    useKeyTab=true
    keyTab="/etc/krb5.keytab"
    doNotPrompt=true
    renewTGT=true
    debug=true;
    };

This is the error that I am getting

>>> Found no TGT's in LSA
Principal is null
null credentials from Ticket Cache
        [Krb5LoginModule] authentication failed 
Unable to obtain Principal Name for authentication 
        [Krb5LoginModule]: Entering logout
        [Krb5LoginModule]: logged out Subject

This is how "/etc/krb5.conf" looks like

[libdefaults]
default_realm = HOME.COM
dns_lookup_realm = true
dns_lookup_kdc = true
forwardable=true

[realms]
HOME.COM = {
        kdc = PCDNT00003USP01.Cloud.com
        kdc = PCDNT00002USP01.Cloud.com
        kdc = PCDNT00002USP03.Cloud.com
        kdc = pcdnt00001usp03.Cloud.com
        kdc = pcdnt00001ukp01.Cloud.com
        kdc = pcdnt00001ukp02.Cloud.com
        kdc = PCDNT00003USP03.Cloud.com
        kdc = PCDNT00002USP02.Cloud.com
        default_domain = home.com
admin_server=Cloud.com
}

[domain_realm]
home.com= HOMECOM
.home.com= HOME.COM
Dipika
  • 584
  • 2
  • 12
  • What does your /etc/krb5.conf look like? What is the server principal name you are trying to connect to of the SQL server? Make sure it is a valid DNS name and valid SPN name in your network. – T-Heron Dec 16 '18 at 20:47
  • @T-Heron : I have updated the question with /etc/krb5.conf – Dipika Dec 17 '18 at 03:55
  • Two problems I see. All your KDCs show they are in cloud.com, yet your default realm is HOME.COM, Also there is a typo here: *home.com= HOMECOM*. Should be *home.com= HOME.COM*. What is the hostname of the SQL server you are trying to reach? – T-Heron Dec 17 '18 at 22:21

0 Answers0