So I’ve been reading other peoples issues, and trying different configs.
http://www.igniterealtime.org/community/docs/DOC-1060#Verify%20Your%20Kerberos%2 0Setup
http://www.igniterealtime.org/community/docs/DOC-1362
and the rtf / doc going around posted on forums… all produce same result.
when i do setspn -l servername i dont see the listing for xmpp – what someone else recommended on another forum
Issue I did notice, is some people say the fqdn needs to be all lowercase.
The Full computer name is “Kirk3NetBackup.Domain.com”
Does it make a difference if the computer name has caps in it, and the domain name begins with a cap. or should I force it to be all lower-case.
setspn -A xmpp/kirk3netbackup.fake.com@DOMAIN.COM xmpp-openfire
Registering ServicePrincipalNames for CN=xmpp-openfire,CN=Users,DC=fake,DC=com xmpp/kirk3netbackup.fake.com@FAKE.COM
Updated object
I get no errors.
C:\Program Files\Support Tools>ktpass -princ xmpp/kirk3netbackup.fake.com@
FAKECOM -mapuser xmpp-openfire@FAKE.com -pass * -ptype KRB5_NT_PRINCIPAL
Targeting domain controller: Kirk3NetBackup.fake.com <<<Notice AD name is in caps!
Using legacy password setting method
Successfully mapped xmpp/kirk3netbackup.fake.com to xmpp-openfire.
Type the password for xmpp/kirk3netbackup.fake.com:
Type the password again to confirm:
Key created.
C:\Program Files\Openfire\jre\bin>ktab -k xmpp.keytab -a xmpp/kirk3netbackup.fake.com@FAKE.COM
Password for xmpp/kirk3netbackup.kirkpharma.com@FAKE.COM:PASSWD Done!
Service key for xmpp/kirk3netbackup.fake.com@FAKE.COM is saved in xmpp.keytab
this file is then pasted into C:\Program Files\Openfire\resources