On (02/02/17 19:55), Gilbert, Sonia wrote:
No. Also they said that they opened up the firewall for all the
ports.
[root@server01 /]# kinit 018443(a)abc.com
Password for 018443(a)abc.com:
kinit: KDC policy rejects request while getting initial credentials
Could it be trying to use krb5.keytab? Is it unique to each instance. Since it was
removed from the realm, will it need to have a new keytab generated. Is that a local
verification or do we also have to do something on the AD server?
Use KRB5_TRACE for extra tracing information.
e.g.
KRB5_TRACE=/dev/stderr kinit 018443(a)abc.com
LS