Wolkenfarbik

Themen rund um Microsoft 365 und Azure

Allgemein

Kinit error on Ubuntu server

I configured Squid Proxy in conjunction with Kerberos authentication in an  Active Directory Domain. During my Tests I used kinit to check my Kerberos ticket on the Ubuntu Server and got the following error message:

kinit: Client not found in Kerberos database while getting initial credentials

The reason was two identical SPNs (Service Principal Names) in the Active Directory. To find them I checked the Active Directory for double SPNs with the setspn command and the -x parameter:

setspn -x

This command checks the Active Directory for identical SPNs and list them.

The command showed me two entries for my Squid Proxy account svcSquid. I deleted both of them with the setspn command and the -D Parameter:

setspn -D HTTP/squid.contoso.com contoso\svcSquid

Then I recreated the SPN with setspn and the -A Parameter:

setspn -A HTTP/squid.contoso.com contoso\svcSquid

I checked the SPNs once again with the setspn and the -x Parameter and it showed no results meaning there are no identical SPNs. After this modification I was able to use kinit command to receive a ticket on the Ubuntu server.

Author Image
Carlos Shepardos

Previous Post

Next Post

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts

Can not mount Exchange Database after use of eseutil

Robocopy skips files with multithreading switch set to /MT:32

Server 2019 Preview – ADPREP fails with “Failed to verify file signature: error 0x800b0109”

Excuting PowerShell scripts on Windows clients monitored by Icinga (Nagios etc)

Copyright All rights reserved | The Words - By Themesarray.
%d bloggers like this: