Results 1 to 2 of 2

Thread: SPNEGO GSSException: Defective token detected

Hybrid View

  1. #1
    Join Date
    Feb 2013
    Posts
    8
    Rep Power
    2

    Question SPNEGO GSSException: Defective token detected

    Hi all,


    I just set up the new ZCS 8 and try to get SSO with SPNEGO working.


    I followed https://github.com/Zimbra-Community/...ocs/spnego.txt this howto and it works ... kind of.

    I have to specify the target DC when creating the keytab file, probably because I have 4 DC's here, but not sure.
    Aynway, it is created and the keytab file copied to the zimbra server as suggested. after a zimbra restart and the internet explorer set up, the following occurs in the log files:
    GSSException: Defective token detected (Mechanism level: GSSHeader did not find the right tag)


    Full part of the logfiles: zimbra spnego problem - Pastebin.com

  2. #2
    Join Date
    Feb 2013
    Posts
    8
    Rep Power
    2

    Default

    Ok, one step closer to the solution.

    up to now, I used a second hostname to access the host, because the server will replace the old zimbra 5 mail server soon. So i always accessed with the IP or another (mail-new) temporary hostname.

    Always, I get either the HTTP Auth from the browser or just an error message in the log, that the Auth failed.

    I read somewhere that the GSSException could be thrown when you try to connect to a W2k8 server but for me it didn't make a difference if I connect to the 2k3 or 2k8 DC.

    After adding the "real" hostname to the Windows hosts file on the client to do a test with the actual hostname (mail.domain.org), it worked.

    The VirtualHostname parameter is set, nut doesn't seem to work in my case, maybe someone knows why.
    zimbraVirtualHostname: mail.NEWDOMAIN.org
    zimbraVirtualHostname: mail.OLDDOMAIN.org
    zimbraVirtualHostname: 10.10.11.4
    zimbraVirtualHostname: mail-new.NEWDOMAIN.org

    it only works with: mail.NEWDOMAIN.org

Similar Threads

  1. Error 401 when using Spnego authentication
    By mjendrossek in forum Administrators
    Replies: 1
    Last Post: 12-06-2012, 05:42 AM
  2. Error 401 when using Spnego authentication
    By mjendrossek in forum Installation
    Replies: 0
    Last Post: 12-05-2012, 02:41 AM
  3. spnego sso failure redirect
    By cbl016 in forum Administrators
    Replies: 4
    Last Post: 11-13-2012, 11:44 AM
  4. SPNEGO on the appliance
    By gerdesj in forum Virtualization
    Replies: 2
    Last Post: 11-11-2012, 01:33 AM
  5. spnego error
    By maumar in forum Zimbra Connector for Outlook
    Replies: 0
    Last Post: 09-12-2012, 01:10 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •