Problem with single sign-on using Kerberos on W2K server

Hi All,

I've encountered problem when setting up single sign-on using Kerberos. Grateful if someone can give me some idea on that. The situation is as follows.

Database: 9.2.0 on HP-UX 11i (hostname=ediud15,SID=dev1) KDC: W2K server (hostname=kdcserver,domain name=KDCDOMAIN) Client: sqlplus 8.0.6 on W2K professional (domain user name=tswsin)

I can successfully obtain a ticket as follows: C:\>oklist
Kerberos Utilities for 32-bit Windows: Version 9.2.0.1.0 - Production on 26-2-2003 15:59:50
Copyright (c) 1996, 2002 Oracle Corporation. All rights reserved. Ticket cache: /tmp/krb.cc
Default principal: tswsin_at_KDCDOMAIN
Valid Starting Expires Principal
26-2-2003 15:58:33 26-2-2003 23:59:37 krbtgt/KDCDOMAIN_at_KDCDOMAIN

However, when I try to connect to the DB by entering "C:\>sqlplus /@dev1", the following error always appears:
ORA-01004: default user name feature not supported; logon denied

Additional information:
I created the service principal by the following command: c:\ktpass -princ dev1/ediud15_at_KDCDOMAIN -mapuser ediud15 -pass oracle -out c:\v5srvtab

krb.conf:
KDCDOMAIN
KDCDOMAIN kdcserver admin server

krb5.conf:
[libdefaults]

default_realm = KDCDOMAIN

[realms]

KDCDOMAIN = {
kdc = kdcserver:88
}

[domain_realm]

krb5.realms:
* KDCDOMAIN Grateful if someone can give me some help.

Many many thanks.

Regards,
Timmy Received on Mon Mar 03 2003 - 03:47:09 CST