Hi to all!
I just finished migrating Openfire server from Virtualbox to FreeBSD jail. And I faced with keytab problem. Again. I forgot password from openfire user. It meant that I should generate new password and keytab. And started. Damned 10 hours, during which I tried all, that can be able to inventing and find. However, at the end I found message in logs that “…no valid credentials provided…”. Some googling and at first glance something off topic
At first glance.
Because adding to krb5.conf in [libdefaults] line:
default_keytab_name = /usr/local/share/java/openfire/resources/xmpp.keytab
And changing header of gss.conf to:
com.sun.security.jgss.initiate
with adding inside of block:
useTicketCache=false
Was fully solved problem with keytab. Which now can be generating on Samba DC with fully default functions. Below I leave full krb5.conf and gss.conf, that I using now and hope, that this information will save any time to anybody.