# Problem with Kerberos // kinit: password incorrect / initial login



## samanka80 (Aug 22, 2012)

Hello everyone!

I am trying to configure my ldap on freebsd 9 so that I can authenticate users against active directory.

For that I am going to need krb5, I have installed it, it is running cute but when I try to kinit some-user I have a weired problem... lets start from the top, here is my configuration of krb5.conf:

:beer

[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log

[libdefaults]
default_realm = seth.local
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
forwardable = yes

[realms]
seth.local = {
kdc = WIN-SRV.seth.local:88
admin_server = WIN-SRV.seth.local:749
default_domain = seth.local
}

[domain_realm]
.seth.local = SETH.LOCAL
seth.local = SETH.LOCAL


:beer

seth.local is my domain and WIN-SRV is my active directory server...

Now I am trying to kinit some user who actually exists on my active directory, here is the result:

[root@ldap /usr/home/neda]# kinit alex
alex@seth.local's Password: //I entered the password here//
kinit: Password incorrect     

And then, I try to login with username which doesn't exist at all! And I have:

[root@ldap /usr/home/neda]# kinit jklsajdlkssdasdsa
jklsajdlks@seth.local's Password: //kjaskljdaskvcbylj user doesn't exist, who cares?? :e//
kinit: krb5_get_init_creds: Client (jklsajdlks@seth.local) unknown

You see? I think kerberos is seeing my active directory perfectly, but I don't know why I see the "password incorrect" message! I am sure that I'm entering the password correctlly! Should I config any special password for kerberos to access active directory and if so, where?? what do you think my problem is??

please please please save me! :r


----------

