> makes me think there is an issue using the host principal. Can you confirm that:
>Â kinit -k host/
server.dom.ain.edu@xxxxxxxxxxx>works on the machine (and yields a TGT with "klist -Af")?
Interesting. It's in the keytab but when I kinit -k I get "not found in Kerberos database while getting initial credentials" so, no, it's not there. Gotta love AD and blackboxes in general.
> Also, you may want to check whether there are any SELinux denials related to
> accessing the keytab (or shortly disable it during the test).
So [expletives deleted] much. I've been running in permissive mode because SELinux just keeps finding new things to complain about. I've been setting permissions to allow as I find them.
nomad
![[Computer Systems Lab]](http://www.cs.wisc.edu/pics/csl_logo.gif){kind=logo}