Cannot find key of appropriate type to decrypt AP REP - RC4 with HMAC

Hi,

I have been configuring SSO using Active Directory 2003. Its on Windows Server 2003 enterprise SP1. First I configured using DES. I used Set User Account for DES for both client user and SPN. Then I created proper keytab file using -crypto des-crc-md5, +DESOnly tags.

But I still kept on getting error :- "Invalid argument (400) - Cannot find key of appropriate

type to decrypt AP REP - RC4 with HMAC".

I even created a registry entry "KdcUseRequestedEtypesForTickets" in KDC service and checked kdsvc.dll date which indicates that file should contain the hotfix. We have installed jdk-1_5_0_11.

Please help as I m stuck !!

Regards

Neha

[692 byte] By [nehaba] at [2007-11-27 2:05:40]

«« collection
»» <html:link problem in struts>

# 1

Hi! I got this problem and solved it.

There are 2 solutions:

1) You must create your keytab file using rc4-encryption, so, I do not need to use "+Desonly" parameter. Java since jdk _1_5_7 supports RC4.

2) If you want to use des - try this article:

http://support.microsoft.com/default.aspx?scid=kb;en-us;833708

Andremona at 2007-7-12 1:51:22 >

top of Java-index,Security,Kerberos & Java GSS (JGSS)...

Java programming resources: FAQs, tutorials, compiler and browser download sites, documentation, books lists, IDEs, etc.

Cannot find key of appropriate type to decrypt AP REP - RC4 with HMAC

Security New Topic

Security Hot Topic

Security

All Classified