menu
  • Register

Want to solve programming problems and get paid for it? If that sounds interesting to you then contact us.

Kinit: client not found in kerberos database while getting initial credentials

0 votes
812 views

Problem :

I am working on the configuring SSO in obiee 11.1.1.7.14, where in which I am facing a issue in the step while configuring my krb5.conf and executing a kinit command.

Few notes regarding a Active Directory

· We have more than the one domain controller and to balance a request we are maintaing a load balancer with a port 3269.

· And a integration between obiee and a MSAD is successfully done with a load balancer name as host and a port as 3269.

· And few certificates have also been added in a demotrust.jks and to a ovd store and SSL is enabled in a new provider.

· Keytab file generated and also placed in obiee domain home, the krb5.conf and krb5Login.conf file also modified accordingly.

I have created my keytab file and placed it in my obiee domain home, then modified my krb5.conf by keeping a kdc as a one of the ip address of a domain controller and admin-server as a name of a domain controller. And while executing a

kinit -V -k -t /location/keytabfile.keytab HTTP/obiee_host_name

I have encountered the error as "kinit(v5): Client not found in Kerberos database while getting initial credentials" . Kindly share your ideas or suggestions to solve above issue.

7 5 2
3,870 points

Please log in or register to answer this question.

1 Answer

0 votes

Solution :

 First of all, this is the serverfault.

  1. 3269 is not a Kerberos, this is a SSL-backed global catalog. Pure LDAP not a Kerberos. Not a interesting here.
  1. Do not put a KDC IP addresses in a krb5.conf but rather rely on a DNS SRV records just like a Windows does.
  1. You cannot kinit with the SPN. kinit expects the UPN (from AD) from a keytab. Something like accountname$@EXAMPLE.COM if this is the machine account. Always remember, the SPN is always bound to some account, whether it is a machine or functional.
9 7 4
38,600 points

Related questions

1 vote
1 answer 845 views
845 views
Kinit: preauthentication failed while getting initial credentials.
Problem: I am very new to Kerberos and Hadoop. I tried to create the "user.keytab" file by "ktutil" to try to renew a krb ticket without the use of the password as it was recommended in some online tutorial. Please find below the procedure I ... credentials Please find below my environment details for your reference: My OS: Centos Linux, My Cluster: Cloudera Hadoop Distribution, My Tool: Kerberos
asked May 27, 2020 Martin K 6.6k points
0 votes
1 answer 756 views
756 views
javax.security.auth.login.loginexception: unable to obtain password from user
Problem : I am implementing kerberos Authentication in my existing java spring application.My unix team has provided me SPN, krb5.conf and keytab file. I am trying hard but getting unable to obtain password from user exception
asked Oct 22, 2019 peterlaw 6.9k points
0 votes
1 answer 824 views
824 views
Kdb5_util: configuration file does not specify default realm while getting default realm
Problem : I have recently installed krb5-1.2.3 on my Linux machine.I want to utilize this install as the client and the KDC is installed on another machine. But while I tried to do the initial kinit I got the following error; # ./kinit kinit(v5): Configuration ... /krb5.conf path and it also defines my default realm.Is there anybody who have faced this message before and have any solution on it ?
asked Dec 2, 2019 alecxe 7.5k points
0 votes
1 answer 11 views
11 views
Each time a user logs on locally, which database is used to verify sign-in credentials?
Problem: Each time a user logs on locally, which database is used to verify sign-in credentials?
asked Jul 22, 2020 HenryL 620 points
0 votes
1 answer 4 views
4 views
Getting “Project facet Java version 1.8 is not supported.” in Eclipse Luna
What is the problem and how can I fix this?
asked 1 day ago TeamScript 9.5k points
0 votes
1 answer 16 views
16 views
Aws was not able to validate the provided access credentials.
Problem: I am trying to create a Security Group using the AWS SDK but it is failing to authenticate it. For a very specific Access Key and Secret Key I have already provided the Administrative rights and then also it fails to validate. I also tried ... .java:1146) at com.sunil.demo.ec2.SetupEC2.createSecurityGroup(SetupEC2.java:84) at com.sunil.demo.ec2.SetupEC2.main(SetupEC2.java:25)
asked Aug 24, 2020 Raphael Pacheco 4.9k points
0 votes
1 answer 58 views
58 views
You do not have permission to view this directory or page using the credentials that you supplied.
Problem : I have my newly created website. First time I was able to succesfully login. The default address: www.abc.com I typed above address on browser and it redirected me to my login page: www.abc.com/pages/landingpage.aspx When I entered my login credential and tried to log ... open my site number of tabs and the browsers but as soon as I am logged in to my site, I am getting the above error.
asked Jan 31, 2020 jwilliam 3.9k points
0 votes
1 answer 30 views
30 views
Fatal error: unexpectedly found nil while unwrapping an optional value
Problem : I have recently started to learn the Swift Programming. I have written one swift program. But my Swift program is always crashing with the below error. “Fatal error: Unexpectedly found nil while unwrapping an Optional value” I am unable to understand above error and I want to know how can I fix it?
asked Feb 22, 2020 mphil 2.3k points
0 votes
2 answers 794 views
794 views
Syntaxerror: multiple statements found while compiling a single statement
Problem : Currently I am using the Python 3.3 and I have only entered these 3 below lines: import sklearn as sk import numpy as np import matplotlib.pyplot as plt But I am facing below error: “SyntaxError: multiple statements found while compiling a single statement” What is wrong with my Python code?
asked Jan 14, 2020 jwilliam 3.9k points
Dark theme