I joined a server to a MS Active Directory using realmd/sssd. I installed apache with mod_auth_kerb and created a keytab on a windows server. But, I need to add more SPNs to the keytab.
I have tried using kadmin, but I get an error:
root@server /etc/httpd# kadmin -p admin@domain -q "ktadd -k /etc/httpd/krb5.keytab HTTP/service1.domain"
Authenticating as principal admin@domain with password.
Password for admin@domain:
Password for admin@domain:
kadmin: Database error! Required KADM5 principal missing while initializing kadmin interface
I have been searching online, but as usual I am having a real hard time finding anything helpful relating to kerberos.
Authentication appears to be working, though I am missing principals;
[Wed Dec 30 12:06:49.076912 2015] [auth_kerb:error] [pid 5246] [client 10.30.10.5:10988]
gss_acquire_cred() failed: Unspecified GSS failure.
Minor code may provide more information (, No key table entry found matching HTTP/service1.domain@)