I would question the account you are trying to map the keytab to then. I am assuming your personal account is a domain admin? You are trying create the keytab on your PDC? You are running all the latest patches on the PDC? If so then I would recommend that you delete and recreate the account.
xmpp/jabber.D3.MAIN.COM@D3.MAIN.COM jabber.D3.MAIN.COM should be the fully qualified domain name of the chat server (a ping should resolve it). The @D3.MAIN.COM is just redundantly stating the domain it is found in.
/pass * will cause a prompt for the username authentication of the keytab mapuser
/mapuser xmpp@D3.MAIN.COM is your ad user that the /pass password is associated to (very circular I’m sorry).
the rest is the name of the file you have created.
Created the krb5.ini file and dropped it on the client C://WINDOWS and also on the Jabber server at same location.
Sspark output.txt says:
Debug is true storeKey false useTicketCache true useKeyTab false doNotPrompt true ticketCache is null isInitiator true KeyTab is null refreshKrb5Config is false principal is null tryFirstPass is false useFirstPass is false storePass is false clearPass is false
Acquire TGT from Cache
Principal is null
null credentials from Ticket Cache
authentication failed
Unable to obtain Princpal Name for authentication
Although Spark will only write this one time and then not rewrite it for each occurence of this problem which makes it hard to troubleshoot.
Any more ideas?
The only thing I didnt do was the registry hack (is this required?)
Can you post your keytab content? I am not so sure about your keytab being correct either, but the principal could be a red hearing, if the krb5.ini is incorrect it may cause that. First eliminate the last know variable and add reg edits.