Openfire and spark sso not working

hello. i discovered all the themes in this site about SSO but still nothing help me. right now i have error SASLERROR using GSSAPI: not authorized

my server is redhat based distro
clients right now windows 10

  1. i tried run spark with admin rights, its not helping
  2. registry AllowTGTSessionkey DWORD = 1 is done
  3. kinit -V -k -t keytabfile.keytab xmpp/domain.domain@DOMAIN succesffully authenticate me
  4. i rebooted client and server many times
  5. properties in admin panel is like this
    sasl.gssapi.config /usr/share/openfire/conf/gss.conf
    sasl.gssapi.debug true
    sasl.gssapi.useSubjectCredsOnly false
    sasl.mechs GSSAPI
    sasl.realm DOMAIN
  6. sso enabled in setting and i picked use dns
    which should be encryption mode? enabled or disabled? cuz in each mode errors not the same
  7. gss.conf

com.sun.security.jgss.accept {
com.sun.security.auth.module.Krb5LoginModule
required
storeKey=true
keyTab=“/home/adminchgik/srv-jabber2.keytab”
doNotPrompt=true
useKeyTab=true
isInitiator=false
realm=“DOMAIN”
principal=“XMPP/srv-jabber2.domain@DOMAIN”
debug=true;
};

openfire 4.7.5
spark 3.0.2

what else should i check to make it working?

is there any information in your openfire logs or spark logs?