I am using kerberos to authenticate a user and its failing. Audit failure details in event viewer are following
A Kerberos authentication ticket (TGT) was requested.
Account Information:
Account Name:
HTTP
Supplied Realm Name:
TEST.COM
User ID:
NULL SID
Service Information:
Service Name:
krbtgt/TEST.COM
Service ID:
NULL SID
Network Information:
Client Address:
::ffff:2.2.2.60
Client Port:
42062
Additional Information:
Ticket Options:
0x40800000
Result Code:
0x6
Ticket Encryption Type:
0xffffffff
Pre-Authentication Type:
-
Certificate Information:
Certificate Issuer Name:
Certificate Serial Number:
Certificate Thumbprint:
Certificate information is only provided if a certificate was used for pre-authentication.
Pre-authentication types, ticket options, encryption types and result codes are defined in RFC 4120.
The result code 0x6 means that user doesn't exist in Kerberos database but i have a user already configured in AD. This is windows server 2008 (non-R2) and user account name is "axax" and User logon name is "HTTP/axax.test.com". The domain name is test.com. From wireshark, i can see that my client is sending AS-REQ which has correct 2 name string items HTTP & axax.test.com. I am not sure why is it failing.
