TKEY unacceptable
Matthieu Patou
mat at samba.org
Sat May 21 15:56:53 MDT 2011
Hello Andrews,
I faced the message dns_tkey_negotiategss: TKEY is unacceptable and
after searching trying some stuff without success and wishing kai had
finished a complete and simple DNS server I started to look at the traces.
I found that my client (actually a second DNS server) was requesting a
SPN for DNS/lenny.sub.home.matws.net when the instruction in named.txt
in the provision folder told me to have tkey-gssapi-credential
DNS/sub.home.matws.net.
I think that's the reason of the problem because as soon as I changed to
DNS/lenny.sub.home.matws.net it started to work !
See the trace between the "client DC" (172.16.100.1) and the "DNS DC"
(172.16.101.3).
Matthieu
--
Matthieu Patou
Samba Team http://samba.org
Private repo http://git.samba.org/?p=mat/samba.git;a=summary
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dnsupdate.gz
Type: application/x-gzip
Size: 50327 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20110522/50287f88/attachment.bin>
More information about the samba-technical
mailing list