无法获取 Kerberos 服务票证:KrbException:在 Kerberos 数据库中找不到服务器 (7) [英] Cannot get Kerberos service ticket: KrbException: Server not found in Kerberos database (7)
问题描述
我正在使用 GSSAPI 进行开发,并且我的代码可以与普通的 MIT Kerberos 5 服务器一起工作来完成一些客户端/服务器工作.我现在正在针对 Active Directory 验证它的功能,但我遇到了一个问题.
I'm developing using the GSSAPI, and I have code which works with a vanilla MIT Kerberos 5 server to do some client/server work. I'm now verifying it's functionality against Active Directory and I've hit an issue.
我的服务器已经过身份验证和监听.我可以让客户端登录.作为记录,这是基于 http://thejavamonkey.blogspot 的代码.com/2008/04/clientserver-hello-world-in-kerberos.html.但是,我无法让客户端从 AD 取回票证以获取它与服务器之间的会话.我收到 KrbException: Server not found in Kerberos database (7),我不知道添加它的正确位置.我试过将带有 ip 的服务器名称放入主机文件、更新 dns、放入服务器记录等,但没有成功.
I have my server authenticated and listening. I can get the client to login. For the record, this is code based off of http://thejavamonkey.blogspot.com/2008/04/clientserver-hello-world-in-kerberos.html. However, I cannot get the client to get the ticket back from AD to get the session between it and the server. I get KrbException: Server not found in Kerberos database (7), and I cannot figure out where the proper place is to add it. I've tried putting the server name with ip in the hosts file, updating dns, putting in server records, etc, with no luck.
如果有人知道更新 AD 以在 Kerberos 数据库中设置服务器的正确位置,那就太好了!
If anyone knows where the proper place is to update AD to set a server in the Kerberos Database, that would be great!
推荐答案
这个异常来自客户端吧?请执行服务器主机名的正向和反向 DNS 查找.您的服务器的 DNS 条目不正确.它们对于 Kerberos 来说绝对是至关重要的.正确的位置是您的 DNS 服务器,在您的情况下:域控制器.找出您的 DNS 服务器的 IP 地址并联系您的管理员.另一个选项是缺少 SPN,也请检查.
This exception comes from the client, right? Please perform a forward and reverse DNS lookup of the server hostname. Your server has incorrect DNS entries. They are absolutely crucial for Kerberos. The proper place is your DNS server, in your case: domain controller. Figure out the IP address of your DNS server and contact your admin. The other option is a missing SPN, please check that too.
这篇关于无法获取 Kerberos 服务票证:KrbException:在 Kerberos 数据库中找不到服务器 (7)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
